I tried to setup 2FA on my Xfinity account today, only to realize that I was being forced into installing an Xfinity app. If you know what 2FA is...you probably already have another authenticator app.
Why on earth would you want to install a 2FA app for each and every service you use??? Why not allow users to consolidate and use any 2FA app??? It really highlights xfinity's ignorance, as does your webchat bot.
It's actually more secure. If you're interested, you can read about it here:
Generally, an app/service will display a qr code or give you the corresponding secret key phrase, which you then plug into any app (or develop your own). You could then manage it all with 1 app.
I'd wager that Xfinity's app uses the same authentication mechanism. They should just display the stinking qr code. I'm not installing that app.
Appears the Xfinity Authentication App has a few more features included specific to Comcast/Xfinity accounts:
I have to agree that it is silly to have a "special" 2FA app just to access one vendor's online customer service account. The veteran 2FA app user won't use it, they have a soft 2FA token app from Google, Microsoft, Authy or LastPass already, Xfinity should support them. And it is disingenuous to allow the uninitiated to believe such a one off app is necessary, not to mention non-supportive of industry interoperability. It's energy that could have garnered them some respect, instead it is off-putting.
It's worse than just a different unique app. Their app supports standard 2FA QR codes which means they're 2FA implementation is probably backed by the same. So really all their doing is refusing to give us access to the code what would allow us to use any standard 2FA key provider. I'm sure it's all done in the name of gathering even more data on their users, as if they don't know enough about me already.