I would recommend using apps like Google Authenticator for 2FA and avoid SMS messages. Gmail also allows you to use a special hardware key to login into your account which is the most secure way by far. You can read more in my Steemit blog post:

Take care of your online security before getting into crypto