i would use it more but places like discord use 2fa as an excuse to deny account support. so i leave it off in case i forget the password (i do not have anywhere to store 'scratch codes' and other such easily lost shit.)

@icedquinn Depends on how it's done. If you require me to have a phone to have 2FA I consider you should be stoned.
If you tell me to have a nitro key or any hardware compatible 2FA system that is offline, even a optical disc with a keyfile on it could work, I have no issues with that.

its usually a magic link to your email address. which is kind of crap considering smtp-to-smtp has no actual guarantees of security whatsoever.

the phone number thing is literally just data cattle. twitter lost some lawsuit about that. turned out everyone ignoring NIST is because it was never about security in the first place.