This idea has been merged into another idea. To comment or vote on this idea, please visit A10-I-171 Return of email two factor authentication.
We need a way to verify users still work for the vendors responsible for supporting our systems. By sending the code to the company email address of the user, we have some level of assurance the user is still employed by the company/vendor providing that email address. Allowing a user to install an authenticator app on a user-owned device provides no confirmation the user is still employed by the vendor.