Did you ever have a case where your phone got lost, stolen or wiped and then you were really in trouble because you didn’t have any of your MFA setup working?
This happened to me in a job years ago when my phone was lost in a cab and as soon as I realized it I bought another phone and remotely deleted the contents of that phone. It happened again where I went to login to my web hosting provider Rocket.net and I didn’t have the MFA in Microsoft Authenticator.
I reached out via the form on the website and explained what happened. They emailed me back and asked me to verify the last four of my credit card number and the payment amount last night. I did that and this morning they took off the MFA and I was able to get in.
Now it is helpful that they verified who I was and I don’t mind that at all. It wasn’t helpful that initially their email went to my spam folder, but in the name of security some valid email gets sent to the spam folder. Isn’t it funny that often valid emails go to spam and junk gets shown in your inbox? Nothing is perfect.
I wish there was a better way to replicate and backup your MFA setup to make the process easier. Perhaps one day 1Password or Password built into the mac or MS wallet will have this functionality. We are getting easier with time, we just need patience.