Answered on twitter just now.
Great work on the 2FA page!
Added 1 more sentence on the 2FA page.
2FA can also be useful for advanced users the have the capability to easily detect any phishing attempt. That is because even if the e-mail address used to sign-up for a (financial) service got hacked because of the e-mail service got hacked, attackers could still not login into the user’s accounts due to lack of 2FA.
Advanced users sometimes have the mindset “I know how to detect phishing therefore I am not in the target group of people who could benefit frrom 2FA” but then even their e-mail account could get hacked without their fault (malicious employee, database leak) and in this cases they’d be better off with 2FA protected logins for everything else. Then a simple password recovery request wouldn’t suffice to hack all of their logins.
Not sure that point was made on that page?
Not really. My best understanding of 2FA benefit is for web services. 2FA “strengthens any password” and makes a hacked e-mail address less painful.