Looks like even push notifications can be too pushy! The LA County Health Department got breached because someone got so many login alerts they just gave up and hit "approve." Cybersecurity lesson: sometimes, less is more.
Nope, the proper lesson is to provide a secret (such as a 2 digit code) with the 2FA request that the authenticator must also present instead of just hitting "approve".