Think your application is safe because it requires a two-factor authentication (2FA)? Think again! Recent reports have unveiled the vulnerability of many 2FA schemes to phishing attacks. If this makes you worried or curious, or if you have figured out a solution to this problem, let’s gather and discuss the reported incidents in this area, and the different solutions that have been proposed, including FIDO. Attendance is strictly limited to allow for a small group experience.