If someone as access to my device to try to withdraw from the wallet app then he has access to my 2FA as well (unless hardware 2FA).
If someone access my recovery phrase then he can import the key in any other compatible software wallet.
So the 2FA only makes sense if you use a dedicated hardware 2FA wallet and someone has access to your phone and password?
Am I missing something?
I'm obviously talking about the Wallet app, not the Crypto.com main app.