Ask HN: How is Google prompt more secure than Google authenticator (TOTP/HOTP)

4 points by indigane ↗ HN
Google is constantly pushing to move from authenticator codes to Google prompt, due to it being more secure according to them. I can not find any explanation on the security of authenticator vs prompt. With my limited knowledge, I believe both are susceptiple to phishing, so what's the security benefit?

1 comment

[ 5.7 ms ] story [ 9.2 ms ] thread
It is still 2 factor auth. And according to them the most smooth one.

In OTP/TOTP it doesn't matter where the OTP comes from, so code is the second factor. In google auth the mobile device is the second factor.