Most Google 2 factor these days is done through an app asking for you to tap to confirm on your smart phone. No numbers pass because it's all done through machine-to-machine calls.
-
-
Oh, I see. I meant the general idea of pressing a button that does crypto stuff, which could be in an app, or it could be a U2F device. Hence the confusion. If all the app does is tell you a number that you then use on the phishing site, then indeed that is not very secure.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.