Sorry, but my Article and Walmart.com accounts do not need 2FA. I'm fine with OTP, but most places use SMS 2FA, which exposes a unique identifier for myself and -- due to SIM swapping, which is a risk on literally every major carrier due to horrible customer service operations -- often makes it easier for a malicious actor to hijack my account.
You're generally correct, though: GOOD 2FA is not overrated and I would welcome it on any account. But it's obnoxious that almost every account I have uses SMS as a singular point of failure. I'd welcome a move back to email 2FA with a backup email for account recovery.
You're generally correct, though: GOOD 2FA is not overrated and I would welcome it on any account. But it's obnoxious that almost every account I have uses SMS as a singular point of failure. I'd welcome a move back to email 2FA with a backup email for account recovery.