Multifactor via phone verification is great right up until a call center monkey at your telco doesn’t follow process and gives away your phone number to a hacker.

… Oops.

(Incidentally, this is one of the many exciting reasons SMS-based multifactor is no longer recommended by NIST.)