Comparative Table of Two-Factor Authentication Methods Strength

The author has created a comparative table that presents the strength of different two-factor authentication (2FA) methods. The table ranks the methods according to their security level, from the highest (Passkey on hardware security key) to the lowest (OTP via SMS/email), detailing for each one the type of secret used, strengths, weaknesses, and the AAL (Authentication Assurance Level) according to NIST standards. The author has also added biometrics and passwords alone for more completeness, and provides explanatory notes on shared secrets, AAL levels, and the technical specificities of each method.