I very carefully added 2FA to my wife’s Bitwarden account a while ago. I got her a Yubikey and added mine as well as my backup keys in case one ever got lost.
I discovered much later that they call email “2FA” so her account isn’t actually protected by the hardware keys at all. Like others here, this doesn’t make sense to me since it’s circular.
(and separately, the Yubikey seems to often not work on Android anyway)
X.com is one site where 2FA just doesn’t work for me and had to repeatedly contact them to “unlock” it or so. Finally I had to disable it and if the a/c ever gets taken over I’d let it be.
I discovered much later that they call email “2FA” so her account isn’t actually protected by the hardware keys at all. Like others here, this doesn’t make sense to me since it’s circular.
(and separately, the Yubikey seems to often not work on Android anyway)