Two-factor authentication bypass leads to information disclosure about the program and all participating hackers
High
HackerOne
Submitted None
Reported by
bob004x
Vulnerability Details
Technical details and impact analysis
**Summary:**
Two-factor authentication bypass leads to information disclosure about the program and all participating hackers
**Description:**
Hi dear
When you have an invitation from a program, to accept that invitation and see the program content you need to have two-factor authentication turned on.
Try to use the Google app ==without an account== to turn on two-factor; that way you can access the apps, accept the invitation, and see all the program details and all participating hackers.
If you go back, turn off two-factor, and set it up again with your email from the Google app, you will find that you have been emailed the invitations again to accept them,
as if you had not seen them before.
### Steps To Reproduce
1. Turn on two-factor with any mobile using the option ==without an account==
2. Try to access your invitation for any program
3. Accept the invitation to see all the program data and all participants
4. Go back and turn off two-factor
5. Turn it on again and connect it this time ==with your email== from the Google app
6. You will notice that you have been invited again to the same programs via email
████
███████
7. Accept the invitation this time to see all the data you have seen before
██████████
==In the video you will notice that I have accepted the invitation for the mondoo program two times with the two-factor time setup==
## Impact
Information disclosure of all the private programs' data without accepting the invitation
Report Details
Additional information and metadata
State
Closed
Substate
Duplicate
Submitted
Weakness
Information Disclosure