Everyone I know who works in security has seen Some Stuff. But I've never seen a website that told users you must remove two-factor authentication.
text message 2FA is shit / not really secure - better to use Authy or GoogleAuthenticator App vs email or txt 2FA
