Also, it's kinda like Google corrupted 2FA TOTP's workflow : it should work on any device that implements the right algorithm and secret key. Instead Google sometimes turns it into MFA tied to a specific mobile device.
When that happens, Google asks to confirm with a known mobile device even though I have specifically configured 2FA TOTP since 2012 to be device independent (and I currently use keepassxc or mobile equivalent to generate the totp value). Google subsequently doesn't allow login by any other method and if the required device is lost or broken you lose access.
When that happens, Google asks to confirm with a known mobile device even though I have specifically configured 2FA TOTP since 2012 to be device independent (and I currently use keepassxc or mobile equivalent to generate the totp value). Google subsequently doesn't allow login by any other method and if the required device is lost or broken you lose access.