The confusing part about online security is knowing *when* it's safe to give your SMS two-factor auth codes to a third party.
@danj I mean the one-time codes you get via SMS that include a message like "don't give this code to anyone"