HenryIt's not "2-Factor Authentication" if you're sending me an email with the code in it, which I then look at on the same computer where I'm trying to log in.
That's just sparkling #security theater.
mitten@mitten and in this case, #KoFi, do offer the ability to set up 'real' 2 Factor Auth, but in that process they force you to give them your phone number so they can send you a back up code via SMS...presumably on the phone that you've lost if you can't use your authenticator app? Not to mention that SMS is about as private and easy to spoof as email.
Sigh.