[davis_m]

If a user is willing to press the button, a PIN isn't going to stop them. Your app is decreasing security in favor of usability, which is not something look for when they are looking to implement two factor auth.

I think anyone who would blindly use your proprietary two factor solution that makes it easier for end users to authorize other people to log in would be silly.

[markkum]

I can use similar arguments; a user can be tricked to enter an OTP to a phishing site. For that the hacker does not need to time the attack to the same second, so it's much much easier attack for the hacker.

'No 2FA' is the real silly one here. Any 2FA is so much better than no 2FA, and usability has been a big issue so far in 2FA adoption.