SMS (text messaging) is an insecure platform and should not be used for 2-factor authentication.
Why is it that I am required to use SMS to have a code sent to me? SMS IS NOT SECURE. ALL of the security experts will tell you so. Sending a six digit code over SMS is not something you should force anyone to use. Why does Xfinity (Comcast) require it's use as the first option? It's frankly stupid. I don't want to use SMS and all my other service providers allow me to use other methods. Xfinity even has a link to have a code sent by email, but it is not the immediate first option. Why can't I have the code sent ONLY to email? For all it's shortcoming, email is VASTLY more secure than SMS. (I'd really like to use my YubiKey please, or at least some other authentication app.) If I remove my cell number for your 2-step options it turns 2-step off completely. What? Who's idea was that and are they still working for you? Please, Xfinity, up your game when it comes to security. Stop requiring the use of SMS. It can be an option for those with no other option, but really, who is that? It's not like everyone who can receive a text message also don't get email on their phone. Seriously. I suppose there may be some people out there with burner flip phones, so keep if for them. But please, GIVE ME TO OPTION TO STOP USING SMS. Thank you. I'm not really that angry, so thank you for letting me rant a bit. I'm just VERY gobsmacked that in 2021 this is an issue with Xfinity. You're usually more on the ball than this.