Two factor authentication that uses hardware tokens or software end points like Google’s Authenticator are not affected by this. This is purely SMS vulnerability.
Granted, Google’s Authenticator and other software endpoints are only as secure as the OS and installed applications they run on and with, but they are not affected by this vulnerability.
