Preface: In an attempt to get this idea out there, I am attaching the conversation to the "Mobile Apps" category for lack of better placement. If there is a better category, please let me know.
Issue: 2FA, when enabled, must have an email and phone # active no matter what preference you set. The issue is in the security risk created when forcing a phone # to be an always on method when choosing how to authenticate your log in session. Your account is only as secure as the weakest link and spoofing (temporarily stealing) phone numbers is becoming very easy in the 2024 environment. This means that the eBay account can not have the enhanced security of forcing only the use of an authenticator app.
Proposed Solution: Allow all methods of authenticating log in sessions to be toggled (enabled/disabled) manually and independently. This would allow those who care more about their security to get the intended benefit of the authenticator app option.
Regards,
