Don't make email / phone number a requirement to enable security key 2FA
Please do not make email address and phone number verification a mandatory requirement in order to enable 2FA via U2F / Yubikey / Webauthn. This is just backwards thinking and creates a lot of friction for adoption of security keys as a 2FA method.
1472nd
ranked
