This has happened multiple times to me. It's also an issue when working in a building with poor reception, or travelling abroad.

Secure phones are sub-$200.

If you have multiple accounts, services, etc, then backing up your 2FA codes, or registering two devices/phones at the same time should be on your radar.

This doesn't sound like something your average user is going to be doing in most cases - keeping a backup, secondary phone.

We've already successfully gotten people to start using some level of 2FA in the form of SMS-based identity validation along with their password.

That's a pretty impressive step forward, and sufficient for most non-specifically targeted users' usage.

Until they're targeted.

You can fool carrier customer service with no training.

Yes, that is indeed what I said.

edit: everyone has a threat matrix they have to deal with.

NOBODY is targeted to be robbed until they are — what?

> or registering two devices/phones at the same time

A substantial number of services don't support this, which is a serious impediment to using 2FA both safely and securely.