Okay, so I didn't know that the "log in with other account" can bypass 2FA for the account to log in, so that is interesting. Outside of that though, if I already have 2FA set up with the Facebook or Google account that I'm using to log in to these sites, then that account is secure outside of a physical security breach, right?
If someone did get their hands on my phone, would they still need to be able to get in with passcode or fingerprint? I always thought that the standard passcode encryption would be strong enough that I'd not be vulnerable to the thief logging in to random accounts due to saved credentials. And if they got their hands on my phone and it was unlocked, then I'm kinda screwed either way aren't I?
Or is the argument here that if you're using a password keeping application that there's 1 more layer to your security? If I'm using at least even very very basic security best practices, isn't it almost vanishingly unlikely that the change actually becomes relevant?