Could we please move away from the Authy only 2FA implementation currently used and provide standard TOTP and QR codes?

This would work much better for people who already have a stack of 2FA accounts in other solutions, remove reliance on a single application, fix issues with support (eg. Windows Phone), remove the need for a phone number (important for younger users I'd imagine) and generally increase flexibility and usability of 2FA for everyone by not locking us into a proprietary implementation.

It would be really nice to use a usb device for 2auth (something like the yubikeys).

Also provide other options for 2FA apps not just Authy

SMS as 2FA is well known to be the least secure of the methods available but still a better option than no 2FA at all, but I suggest an option to disable it as a fallback after having enabled Authy to lessen the security risks to the user account. You could learn from others mistakes such as Reddit's: https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/

the need to use other time based 2FA without the need of a SMS capable phone to use. Many sites now uses 2FA and a single platform to build it around doesn't make sense.

please use a open system

In https://help.twitch.tv/s/article/two-factor-authentication?language=enUS#Emotes?ttcontent=twofactoremoterewards&ttmedium=notification_center it says that "When you set up Two-Factor Authentication on your account, an Authy account is automatically created for you even if you choose to actively use an alternative authentication app. This means you can fill out Authy’s Phone Change Form and recover access to your account." I don't need you creating an Authy account behind my back. You have to give us the option to undo this.

This just ruins twitch altogether, please please please go back to singing in with email.

Mehrshad

Please add support for using one or more hardware U2F tokens for 2FA, e.g. Yubikey, Solokeys, etc. devices. Please also add this as a stand-alone 2FA option that does not require a mobile phone or other authentication application if possible.

Log IPs of all attempted logins to an account. This way we can report suspicious behavior to you and to authorities/banks when it occurs.

Reason being, I have received multiple 2FA codes on my phone and have no way to report these unauthorized attempts to access my account. I have changed my PW and am still receiving these codes. I have ran two separate virus checkers and come back empty from both.

Thank you.

when you look in the privacy settings in your account, you can see the full phone number for your 2FA. Can this be blocked? When changing and entering into privacy, pw and 2fa is enabled again. amazon does this and I feel that they are taking our privacy seriously. 2FA just doesn't do it anymore, esp if you can bypass it the first time

I do not want to stream on twitch, i do not want to be innately apart of any streaming program. If there are to be creator tools or a creator dashboard separate all creator and developer tools