They also support VeriSign VIP (https://idprotect.verisign.com/mainmenu.v), which you could take mobile app - should be better than waiting for SMS. At least in theory as I cannot validate it, because 2FA is not available in Poland.
Unfortunately, there is no open source implementation of the VIP number generator. On the other hand, Google Authenticator is based on TOTP, and has several open source implementations. I don't want to run a separate, proprietary 2FA app for every single service, when they can all just use the standard set out in IETF rfc6238.
Glad it worked. And this is what I don't get. I understand they may not want to distribute hardware tokens in some countries, support SMS, as it is a burden. But why don't they just allow me to activate an existing token?!
