What's a better way to deal with 2FA than SMS?

Pretty much anything. SMS is widely regarded as just about the worst option for 2FA (other than nothing at all). TOTP is fine for me and is what I use for gitlab.com.

Is there a perl way to deal with 2FA?

I use Authen::OATH and have been doing so since 2017. It has proven reliable over that time.