, swheaties wrote

The flatulence about two factor auth is a red herring and not the subject of this thread.  A phone is not any more of a security device than a laptop or a desktop or a wristwatch or an abacus.   BTW please note that MS can, and does, obtain hardware ID's and various software ID's from computers and phones.  This is only one of dozens of reasons why MS does not need to REQUIRE your phone number.

In azure's case it's not about two-factor auth. It's about making it harder to pay for Azure accounts using stolen credit cards.