Two-factor authentication codes sent via text message now support the origin-bound draft standard. This standard makes such codes easier for phones and other devices to parse and more phishing resistant by limiting the domains to which the device will prompt to autofill the one-time code.