I understand that you defeat 2FA by using the SMS suggestions with Continuity, hence why I emphasized separate OTP (one-time password) and U2F (physical device) being the best routes. I've seen several sites offer OTP codes to scan or copy and advertise Google Authenticator but there are sooo many better alternatives like Authy.