Having had this almost happen to me, I always strongly recommend that you remove your phone number from Gmail as a recovery method. And then go and test it out to double check.
SMS 2fa is okay but SMS recovery is not okay and high risk.
It's also ideal to have obscure email addresses used for, say, coinbase so that in the data dump they they likely have, containing your email to phone number mapping, points them to the email address not linked to coinbase.
SMS 2fa is okay but SMS recovery is not okay and high risk.
It's also ideal to have obscure email addresses used for, say, coinbase so that in the data dump they they likely have, containing your email to phone number mapping, points them to the email address not linked to coinbase.