I have had a few discussions recently about people using 2FA and email (ie sent a 2FA code via email to login) and they have still been hacked/compromised due to the inherent lack of security email has. I would urge people to use more secure ways of securing websites and services like 2FA via an authenticator app/service or passkeys. Although still not 100% secure, as nothing really si, they are way more secure than no 2FA and a lot more secure that 2FA via email… if your email gets compromised then 2FA via email is as good as a chocolate fireguard!
