Email is much worse than SMS.

akvadrako · on March 16, 2021

It could be better if the sender's SMTP server forced the use of TLS. Most emails are now sent encrypted but it isn't usually enforced.

If your control your own receiving server then it would be hard for someone to intercept the message.

bawolff · on March 16, 2021

That's not why its bad.

Its bad because 85% of the usecase of 2fa is people using bad passwords. If you use a bad password in one place, you probably are also doing so on your email.