It is public information, and that's why it's ludicrous that it's used for two-factor authentication.
Two-factor authentication is a dumb solution to a real problem. The problem should be properly solved, rather than hacked around with stupid solutions like "sending notifications to accounts that can easily be spoofed by willful actors".
> Two-factor authentication is a dumb solution to a real problem. The problem should be properly solved, rather than hacked around with stupid solutions like "sending notifications to accounts that can easily be spoofed by willful actors".
SMS Two-factor authentication is a dumb solution. Actual two-factor authentication like FIDO U2F tokens is a better solution. Even TOTP is better than SMS auth.
Two-factor authentication is a dumb solution to a real problem. The problem should be properly solved, rather than hacked around with stupid solutions like "sending notifications to accounts that can easily be spoofed by willful actors".