the simplest best answer is cold storage.
authorization is irrelevant if a hacker got into your machine.

=====

If your 'bolded' assertion is true then crypto will remain a side show
and never attain mass adoption ..

For "SMS one time pass" to be defeated the 'hacker' would have
had to either break into my home and/or steal my cell phone and
my computer .. I'll accept that 'risk' for the minor hassle of
having to take a phone call and enter a one time password prior
to withdrawing my coins .. Better that than discovering that
"Ooops someone hacked my wallet and my coins are gone"

Triff ..