2FA with 3 Choices

Steps to enable a three-way 2FA:
2 Phones + 1 eMail
or
2 eMails + 1 Phone

Don’t think that is possible.

It would be much easier and way more secure to simply use your password + a Yubikey (hardware key), which cannot be hacked or used remotely. My .02

Welcome @genai to the community!

By three-way, are you referring the way a three-way light switch works – either phone would satisfy the “something you have” factor? Or, are you suggesting that you would need to click “yes” on both phones?

One thing to keep in mind is that the factors are “something you have”, “something you know” and “something you are”. Two-factor requires using two different factors. Three-factor would require all three, although no standard promotes that. Instead, the next step up from two-factor is to add a hardware requirement (e.g. a YubiKey) to the “something you have”.

Using the same factor multiple times does very little to enhance security – you would need to carry both phones together, and two 10-character passwords is not much different than a single 20-character password.

That said, “loss of access” is also a security issue, which can be mitigated by having redundant options, so I do see value in the “three-way light-switch” interpretation. And, there are bits of that today. One can register up to 5 YubiKeys to login to Bitwarden, only one of which is needed at any given moment. And, one can scan the TOTP secret key into multiple authenticators, resulting in them all displaying the same verification code.