Note however that to enable any other type of 2FA you first have to give them your phone number. You can delete your phone number afterward, but it's too late, they have seen everything.
Well it won't matter once you change your number, but nobody should have to consciously think about doing that because the company you gave it to is using it for non-user account security purposes.
Interesting, thanks for letting me know. I don't have an account. I understand _why_ they require you to verify a phone number though, for the exact reason this article explains.
The phone number isn't for your protection (it's actually really terrible for 2FA), it's for Facebook's protection. It's an anti-bot mechanism to require a unique phone number for each account, or no more than 5 accounts per number or so.
Yeah, but it looks like it still doesn't work if you switch to the app after having given them your phone number for 2FA. The sentence that follows your quote says:
>>(Albeit, the company only added the ability to do non-mobile phone based 2FA back in May, so anyone before then was all outta luck.)
can you actually "opt out" of that number being used or is the spokesperson just saying "we don't get your number via this method if you never give it to us via this method"
I.e. if you switch from using a 2FA phone number to using the app do they stop using that phone number in your facebook profile? And your shadow profile?
That's one way to encourage people to use 2FA App, I guess.