They say it's less convenient, that doesn't mean they say it's wrong. And yes it is less convenient, why are you saying it's "horrible"? Security is always about compromises, if the less convenient method causes people to come up with workarounds then it would be worse even if in theory it's more secure.
> if the less convenient method causes people to come up with workarounds then it would be worse even if in theory it's more secure
but that's literally what this is... the less convenient method (2FA) caused people to come up with workarounds (saving 2FA secrets in their password vaults)... and I'm saying it's horrible
