Sure DM anytime if you feel inclined. Can use non-nostr too, like simplex. Appreciate the answer, very informative. I always equated 2FA auth apps with the hardware RSA (?) token things workplaces would sometimes give (just less secure due to being digital versions). This felt equal in security but I guess it comes down to my lack of understanding of the cryptography employed between the two methods. Sorry if I botched the summary, figured I'd summarize in case I missed something. The private key for this instance appears to just be digital thing stored with iCloud/keychain, so wasn't clear what possible advantage there was.