There are sites that send you immediately a 6 digit code just by entering your email on their sign in page, they don’t even request a password. That means you could be phished on a fake website that when you enter your email there they do it on the real site, then you receive the real good code and enter it on the fake site.

▲

johnisgood 9 days ago | parent [-]

It is just the same old stuff with username & password combination. I used to duplicate websites, they looked exactly like the original, except I was storing the entered username and password combination. I did this when I was a kid. The process is the same (or very similar) with everything else that is not a password.

▲

ErneX 9 days ago | parent [-]

True, they do it to facilitate access to their site without a password, but personally I don’t like getting an email just because I entered my username to sign in (my password manager takes care of filling the form so that email with a code is unnecessary to me).

	▲	johnisgood 8 days ago \| parent [-]
		I agree, I do not want an email either.