EDIT: You know, after some time to cool off, Google Authenticator 2FA can still be enabled and isn’t being phased out like the less secure SMS 2FA, so it’s really not the end of the world here. The chance of permanent lockout is avoided, even if the whole Google Prompt system is still wack.
You actually have to buy the unlocked bootloader version of phones directly from Google, not something the vast majority of people could accomplish on their own. It’s a selling feature they provide so they can cut out middlemen at carrier services like Verizon (either that or Verizon locks it themselves, idk). I feel like if they wanted to detect that a device hasn’t been used in months or years before requiring you use it and only it for 2FA, they could.
I think the carriers are required to do it after the phone is fully paid for.
usually u gotta ask them to do it, but yea. dunno about required but I’ve never had issues
It’s been a minute, but I think some federal agency made a rule about it a few years back.