I’ve been going through updating all of my accounts (passwords, 2FA, etc.), and I’ve noticed that there are a lot of sites that don’t offer any form of MFA.
I can understand smaller services that might not have the bandwidth, but surely larger organisations are able to get this setup?
You’re ignoring the part about having to go find your phone. MFA apps still require you to do that.
My second paragraph literally points out that the majority of Internet traffic now is mobile, around 58%. More likely than not, any given person is already on their phone. No need to find your phone when it’s in your hand and you’re already looking at it.