Two-Factor Authentication helps secure your account, however there are still some considerations you must take when choosing the method to generate your Two-Factor login code.
Using text message to retrieve your login code is less secure than using an Authenticator app.
The primary reason why it's less secure is because it's easier for a hacker to gain access to your text messages than it is to gain physical access to your phone. There are methods for hackers to redirect your text messages, or hack into your phone carrier and access the text messages. With an authentication app, the codes are generated and stored temporarily on your phone (or other device) and expire within a certain timeframe.
Note: Using text message Two-Factor is still better no using no Two-Factor, however keep in mind that it's not 100% secure given the lack of security around text messaging.
Using an authenticator app to generate your Two-Factor login codes is more secure than text message. The primary reason being, it's more difficult for a hacker to gain physical access to your phone and generate a code without you knowing about it.
Keep in mind, your phone or device you have the authenticator app installed on should be protected with a secure password.
There are some additional measures you can take to ensure the security of your GoCo account: