Source: Hacker News
Article note: If an employer MDMs a device, or has root/admin on it, or prevents the owner from having root on it because their B2B security theater crapware takes exception to root and/or running under a VM, they pay for it and any service or upkeep.
Gray zones include open standards - like TOTP or SMS - that you can noninvasively integrate into existing tools - and things jailed to VMs on machines the owner controls.
I'm still forcing UKY's Duo setup to degrade to SMS mode because it thinks (almost? I have a phone rigged with Knox-based pseudo-rootful ad blocking that might pass - I don't care to try) every device I own is tampered. Occasionally I get an automated-looking prompt about it and fill in "You can supply a dongle, pay for a phone, support an open standard like TOTP, or deal." No idea if anyone reads it.