[dheera]

Yes, but I don't do phone-based 2FA; I only use U2F or TOTP.

When I have a massive, immobile desktop in front of me it makes no sense that the desktop isn't the 2FA device, and that I'm asked to go search for an easy-to-steal tiny 5" device.

Also, I don't believe in phone numbers being 1:1 correlated with a device; for convenience I should be able to take a call from any device that I happen to have with me. So phone numbers should never be used for 2FA IMO.

[wyre]

Why use 2FA at all then? It doesn’t seem like you’re gaining any security using it.

[dheera]

They insist on it, not me.

I'm all for 2FA if it uses U2F but if it's going to be phone-number based I'd rather pass. That isn't an option though, so I automate the phone response.