Twitter and 2FA nonsense…
Just reviewed my 2FA settings on Twitter. I use TOTP and a hardware/U2F token. Looked fine, so I went to remove my phone number in the mobile section (used SMS 2FA before they supported TOTP). Turns out that by removing your mobile number 2FA is completely turned off without any notification/warning/…. Great Twitter! 🤦♂️
@sheogorath Yes, and one can't turn it on without adding a phone number >:-(
Same situation with Facebook, you can chose only one. For me that's not ok.
Btw I also noticed that issue when I want to enable 2fa for my Twitter account a year ago and I'm surprised that the still require phone number. Of course you can overcome that with a burner phone but if you're in country where prepaid registration is mandatory it become even more difficult.