When we were advocating for moving away from SMS second factor auth, this isn't exactly what we meant...