I've used the libpam module for Google Authenticator[0] before, the difference being that it isn't dependant on the availability of a third-party service, but you have to be much more careful about losing your device. That said Authy do have pretty great uptime[1]

Nice for production servers, but becomes a an annoyance after the cool factor wears off for servers that don't really need it :) Installable on aptitude using libpam-google-authenticator (guide [2]).

[0]: https://code.google.com/p/google-authenticator/ [1]: http://status.authy.com/ [2]: https://scottlinux.com/2013/06/02/use-google-authenticator-f...

So what if the site goes down?

I can't ssh since force command is failing?

Hopefully there's a fallback mechanism or a backup code. Otherwise it all looks really shady.

I looked at the site for some time and couldn't find an answer to my question. Does anybody know if the SMS is just for US cellphones?

Can anyone tell me if that's really worth it? Looks like a bit of an overkill considering the protection given by ssh keys.

Does it works just with SMS?