Depends, usualy they would need to obtain and use your 2fa code before it resets to the next code.  So if for instance you was on localbitcoin, set up a transaction, your screen freezes, then are redirected to a log on page requiring your 2fa code, I would not put it in, as this is a hack, and will give the 2fa code via a fishing page or other exploit, that will then be used to release the funds, while your screen is froze.