Why do call center support staff ask me for my 2-step verification token?
I have enabled enabled two-step verification for my go-daddy account. It feels secure when I log in online, I can always confirm with the HTTPs certificate I am logging in to the correct godaddy website and that my connection is secure.
The problem I have is that when I call godaddy support, the person on the line asks me for my token.
Sharing my temporary token over the phone with somebody whose identity I have not confirmed feels dodgy. I do not even know if they really do work for godaddy, there is no way of verifying that over the phone (like the HTTPS certificate verification for WWW).
Why is the godaddy support system used by call center godaddy staff asking them for the temporary token to access my account?
I have Two-Step Verification enabled on my account, and I find it unusual that GoDaddy support would ask for a Google Authentication Code in order to assist me with my actual problem (versus a PIN code). I assume that only I, the customer, would have eyes on the Google Authenticator codes for login purposes and no one else. Is this a legitimate requirement of support to be able to assess my problem?