On Tue, Feb 26, 2019 at 12:14 AM John Levine <johnl@iecc.com> wrote:
In article <24679.1551146531@turing-police.cc.vt.edu> you write:
>So what registries/registrars are supporting 2FA that's better than SMS?

Opensrs does TOTP.  It's certainly not bulletproof, but it's tied to
your actual phone rather than the phone number.  (We careful folk put
our TOTP keys on a couple of our devices in case the phone dies or
gets lost.)  It's very easy to implement, it's an IETF open
specification, and there are lots of clients that support it.

FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard
they are to implement.


https://twofactorauth.org/#domains gives a good view of the domain management landscape regarding 2FA. 


Rubens