[coredog64]

2FA apps record physical location. Now you need to spoof time & location on your phone to log in.

[0x457]

Except I use YubiKey for my 2FA, so where my phone is irrelevant. Moreover, I've never ever granted 2FA app location permissions. Don't even remember any of them asking it. It's generally GeoIP and time is well...the same everywhere?