I forgot to include this in my original post. I use the Microsoft authenticator application to authenticate my account. My mistake was also including my mobile number as an alternative way to authenticate my account. I don’t know if I was aware of this or if Microsoft prompted me for my phone number at one time and I did not think through all the ramifications.
We set up multiple different types of recovery and backup and restore options for the saas pass authenticator and password manager to let you the individual be able to customize it as you wish.
The threat model is increasing for personal use as solely SMS based account recovery is becoming more widespread. The increase in crypto usage is another accelerant.
