There are some that do, true, but also a boatload that don’t. In my personal experience, most don’t.
Most do, unless they’re some small town bank. That could be the difference, perhaps.
Most interesting, I checked 2fa.directory and lo and behold, one of them shows that use 2fa! It’s the dinky SMS one, but still better then none! Sad part is that a) they never informed me and b) it’s completely optional also c) this must be something from the last year or so as I’m one of those people who actively gives feedback
?
2-step verification requires you to enter a unique code every time you sign in to Chase.com on a browser. This helps ensure that it’s actually you and not someone suspicious.
https://www.chase.com/digital/resources/privacy-security/security/how-you-can-protect