[gibibit]

I agree with the article. Maybe businesses are trying to protect themselves, but as a user, mandatory 2FA reduces the level of security I can achieve for myself.

Because security is not just confidentiality, it's also availability: the "Security CIA Triad" is Confidentiality, Integrity, and Availability.

If I can lose access (availability) to my online account by losing some physical item (e.g. lost cell phone), or if some third party can prevent me from accessing my 2FA (e.g. banned from my email provider by DMCA takedown request), then I have my availability, and hence overall security is at risk.

Additionally, requiring a phone number for online services means that the confidentiality of my identity is reduced. It becomes impossible to be anonymous. For instance, you can't use Signal messenger without a phone number, so there's a chance your identity can be leaked.