Decipher

Avoid services that don’t support username/password and 2FA:

At the absolute very least 2FA via SMS as it’s better than nothing but I would suggest using a separate phone number to avoid a sim swap attack.

https://cybernews.com/privacy/the-biggest-flaw-of-sim-based-2fa/

If the service you’re using doesn’t support these features they’re not secure, if there’s a vulnerability in the website or app an attacker can and will exploit it.