Factors Can Be Lost or Inaccessible
One of the mot common methods for two-factor authentication is sending a code via text message. Imagine not having your phone when you’re trying to access secure information via the cloud. Think about all the services you use that require two-factor authentication. If you don’t have your phone, you simply cannot receive factors via text messaging.
False Sense of Security
Most services that utilize two-factor authentication offer a backup method to retrieve your credentials. In essence, the two-factor authentication adds no additional protection if certain forms of account recovery are also available.
Used Against You
Hackers have been known to devise methods to tie your two-factor authentication to their own devices, such as cell phones. Then, despite being he legitimate owner of an account, you are locked out while someone else is in total control.