One of best kept secrets in Security Period.

Arguably, this may be the best security advance the WordPress Log in since the password itself!

You set it up to require yourself to text out a number shown on your password screen, rather than receiving one. The system has authenticated your phone when you first set it up in a multiple set of unique ways.

SMS is ancient, insecure and proven to be subject to man in the middle attacks, but this turns SMS on its head, using it in an unspoofable way to help secure your website.

Am I the only one who knows about this, as I just happened to stumble on it one day looking to boost log in security? Amazing innovation. Great job guys.