It’s a start, but 2fa can’t stop spam.
If one can automate account creation including saving totp secrets, you suddenly have 2fa authenticated bots able to send spam.
Maybe you could get around that to some extent by leveraging sms verification during account creation, but how do you set that up to prevent burner numbers? Or smishing?
These are hard problems to address
I’m truly glad that it’s helping someone; however, for every one of you there are a hundred people denied important procedures because insurance has decided its opinion is more important than the doctor’s.
An easily available example off the top of my head is Styropyro’s most recent video where he might have cancer but Insurance has denied his brain scan.