What's worse, all they had to do was enable a checkbox in the settings somewhere but they went on an embarrassingly long e-mail thread back and forth, not even willing to help the users.
So I think that in cases like that, it's definitely a good idea to call attention to the issue and tell more people about open technologies like that! Unfortunately, most people just won't care.
That said, TOTP is actually decent and I'm surprised that it's not supported everywhere, especially given how much shouting about SMS not being secure enough goes around.
I remember a story about a university in Lithuania also opting for either SMS or a proprietary 2FA app, but not allowing TOTP either: https://fsfe.org/news/2023/news-20230418-01.html
What's worse, all they had to do was enable a checkbox in the settings somewhere but they went on an embarrassingly long e-mail thread back and forth, not even willing to help the users.
So I think that in cases like that, it's definitely a good idea to call attention to the issue and tell more people about open technologies like that! Unfortunately, most people just won't care.
That said, TOTP is actually decent and I'm surprised that it's not supported everywhere, especially given how much shouting about SMS not being secure enough goes around.