My company stopped allowing OTP and required Microsoft Authenticator on personal phones. I was one of the few to refuse, eventually they gave me a Fido key. While I also use a less Google version of Android, I didn’t talk about that when it was happened, just the principal that this is my phone, not the companies.
I told them my os is non standard, Graphene, and if they need anything more than 2fa codes, it’d need to be on one of their devices.
My company stopped allowing OTP and required Microsoft Authenticator on personal phones. I was one of the few to refuse, eventually they gave me a Fido key. While I also use a less Google version of Android, I didn’t talk about that when it was happened, just the principal that this is my phone, not the companies.