
I think most "technical" users would have two-factor authentication enabled which would prevent this type of attack.


No - because the phishing page can act as a MITM attack - where they display the 2-factor login on the phishing page - and post the entered code to Google, confirm they are in (and receive the cookie enabling access) - while displaying the page back to you.

So 2-factor actually provides a false sense of security here.

Edit: unless you have U2F, as per @makomk's comment below


Unless the second factor is U2F, because the actual domain is handed to the U2F dongle by the browser and the authentication is tied to that.


Thanks - good point :)

But for the Google Authenticator and SMS - it would still be vulnerable.
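The origin binding described in the U2F comment above, as an added example that is not part of the thread: a simplified model of the relying party's check, showing why a response produced on a look-alike page is rejected while a typed code carries nothing to check. The origins, function names and the HMAC stand-in for the token's ECDSA signature are assumptions made for illustration.

```python
import hashlib, hmac, json, os

RP_ORIGIN = "https://accounts.example.com"          # assumed real login origin
PHISH_ORIGIN = "https://accounts.example.com.test"  # constructed look-alike origin
DEVICE_KEY = os.urandom(32)  # stand-in for the token's key; HMAC replaces ECDSA here

def browser_client_data(page_origin, challenge):
    """The browser, not the page's script, records the origin it is really on."""
    return json.dumps({"challenge": challenge, "origin": page_origin}).encode()

def token_sign(client_data, app_id):
    """The token signs hash(app_id) || hash(client_data)."""
    msg = hashlib.sha256(app_id.encode()).digest() + hashlib.sha256(client_data).digest()
    return hmac.new(DEVICE_KEY, msg, hashlib.sha256).digest()

def server_verify(client_data, signature, challenge):
    """Relying-party check: signature is valid AND origin and challenge are ours."""
    expected = token_sign(client_data, RP_ORIGIN)  # HMAC stand-in for public-key verify
    if not hmac.compare_digest(expected, signature):
        return False
    data = json.loads(client_data)
    return data["origin"] == RP_ORIGIN and data["challenge"] == challenge

def login_via(page_origin, rewrite_origin=False):
    """Simulate a login where the user's browser is showing page_origin."""
    challenge = os.urandom(16).hex()               # issued by the real server
    client_data = browser_client_data(page_origin, challenge)
    signature = token_sign(client_data, page_origin)
    if rewrite_origin:  # a relay swaps in the real origin; the signature no longer matches
        client_data = browser_client_data(RP_ORIGIN, challenge)
    return server_verify(client_data, signature, challenge)

def typed_code_accepted(code_typed_on_page, code_server_expects):
    """A typed code carries no origin, so the server cannot tell where it was entered."""
    return hmac.compare_digest(code_typed_on_page, code_server_expects)

if __name__ == "__main__":
    print("genuine page:", login_via(RP_ORIGIN))
    print("look-alike page, relayed as-is:", login_via(PHISH_ORIGIN))
    print("look-alike page, origin rewritten:", login_via(PHISH_ORIGIN, rewrite_origin=True))
    print("typed code relayed:", typed_code_accepted("123456", "123456"))
```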


What about getting a text message on your phone, a call, or the Google mobile app? Will it be effective against this kind of attack?


> [...] which would prevent this type of attack.

Depends. See the discussion in the previous post about this: https://news.ycombinator.com/item?id=13372985



