I am not sure how someone would hack your F2A, somehow reroute the code to the hacker somehow? I think F2A is pretty safe. Ledger is basically an advanced F2A and the new mewconnect also acts as an advanced F2A
I am not sure if anyone has ever been hacked using F2A. It would be interesting to find out. Maybe someone who knows more then us can answer us?
You mean 2FA, right? He is talking about SMS based 2FA, which is a terrible idea. Have you never seen this?
https://medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124