
I use this too, but I don't think it actually prevents the attack described in the article, at least in my case. When I set up my 2-factor auth for my Google account, I also set up a series of backups in case I lost access to my phone. One of them was my phone number, and another was a phone number of a trusted friend.


It prevents human engineering of the phone company. One might hope that Google would be better at the security implementation (i.e. the BT operator apparently "validated" an incorrect password, which indicates to me that it was a quick hack, probably just a field in the customer record about which the operators weren't trained).

Also: I'd hope that Google wouldn't allow a complete account reset based solely on the backup device. That should be a backup for your second factor only; you should still need the password.


You can remove your number as a backup source and restrict it to only use the app and the printed backup numbers.



