I tried to setup 2FA on my Xfinity account today, only to realize that I was being forced into installing an Xfinity app. If you know what 2FA is...you probably already have another authenticator app.
Why on earth would you want to install a 2FA app for each and every service you use??? Why not allow users to consolidate and use any 2FA app??? It really highlights xfinity's ignorance, as does your webchat bot.
Wouldn't any 2FA be unique to whatever service is implementing it? Why would they use a generic 2FA scheme not under their control and susceptible to possible hacking?
It's actually more secure. If you're interested, you can read about it here:
Generally, an app/service will display a qr code or give you the corresponding secret key phrase, which you then plug into any app (or develop your own). You could then manage it all with 1 app.
I'd wager that Xfinity's app uses the same authentication mechanism. They should just display the stinking qr code. I'm not installing that app.
Appears the Xfinity Authentication App has a few more features included specific to Comcast/Xfinity accounts:
I have to agree that it is silly to have a "special" 2FA app just to access one vendor's online customer service account. The veteran 2FA app user won't use it, they have a soft 2FA token app from Google, Microsoft, Authy or LastPass already, Xfinity should support them. And it is disingenuous to allow the uninitiated to believe such a one off app is necessary, not to mention non-supportive of industry interoperability. It's energy that could have garnered them some respect, instead it is off-putting.