ByNitish Singh-November 16, 2018.1013 Figure 1 Figure 1 The affected server was not protected by a password which would allow anyone to snoop in. Luckily, most of the data in text messages is for limited use as one-time passwords and after they have been used, password reset links have no meaning. Even if they weren’t used, timers are set by programs to make them useless if not accessed. Sms-based two-factor authentication is slowly fading away and being replaced by far more reliable, app-based verification systems. In order to secure your data, you can implement authentication-based password managers or U2F hardware keys to avoid these data leaks.