>You can also perfectly use 2fa without a phone, unless your shitty company is using some shitty propietary 2fa, and even then, its just a "key" or "qr" they give you, that then you totally control and can use in mostly any 2fa compatible app, like Passwords. app from apple, 1Password, or Authy (RIP)
replyOnly if they're using RFC 6238 TOTP, and not some weird 2fa app. It's ironic you mention authy because they have their own weird TOTP scheme, along with push notification based approval system.
Authy is also EOL since it was acquired by twilio and tossed into the do not recycle bin it seems...
replyBut yeah, things can get messy depending on the specifics, but not installing random apps on your personal phone seems like a pretty reasonable line to make.
I only mentioned Authy cause it was my go-to for 2fa before they got acquired