FB 2 factor auth works with TOTP. There is a code generator in our app, and you can set it up with Google Authenticator or other TOTP implementations.
However, there are people in the world that don't know much about computers, don't own a desktop, and their smartphone is the only general computing device they have. Throw in that mix the issue that quite a lot of these people have a low end device, where they can't install every and all apps they want. There are phones (one of them on my desk) where installing Facebook, WhatsApp, Messenger, and Hangouts pretty much maxes out the device memory. You can't afford a dedicated authenticator app.
At the same time, there are a lot of people that like to logout explicitly from their Facebook app before they close it.
So, no dedicated TOTP. No second device. Logged out, so can't use the built in code generator. What's your option for still using 2 factor auth for security, but making it as easy as possible for the legitimate account owner on their primary device, because said owner might know jack about computers?
However, there are people in the world that don't know much about computers, don't own a desktop, and their smartphone is the only general computing device they have. Throw in that mix the issue that quite a lot of these people have a low end device, where they can't install every and all apps they want. There are phones (one of them on my desk) where installing Facebook, WhatsApp, Messenger, and Hangouts pretty much maxes out the device memory. You can't afford a dedicated authenticator app.
At the same time, there are a lot of people that like to logout explicitly from their Facebook app before they close it.
So, no dedicated TOTP. No second device. Logged out, so can't use the built in code generator. What's your option for still using 2 factor auth for security, but making it as easy as possible for the legitimate account owner on their primary device, because said owner might know jack about computers?