Comment by y4mi

> if unable to do that, I could provide the 2FA code sent to that same backup email address (how would I be able to know this without being able to know what the address was?)

Two options from the top of my head:

1. you have email forwarding configured so received mails will be delivered to another account. That's generally configured in the settings of the provider (I.e. directly under account settings in Gmail iirc)

2. You have a logged in device which receives mails through an application password. You cannot read it out because it's masked and even if you could, it wouldn't help you because it's only allowed to receive mails, not login.

I don't think this is particularly rare, honestly.

But yes, it is obnoxious.