In my experience two factor auth sends a a text message to the provided phone number with a code which you then enter on screen so retaining control of the number is a requirement.