This screenshot, is one of the most dangerous thing in web3 right now.
Don't know why? Let me explain...
This is the preferred method that Discord phishers are using lately.
It is a pop up window, it looks like one your browser made, but it isn't.
It is javascript, and you never left the webpage they sent you to. Usually fake Discord verification bot page.
Entering your Discord information on this page will not send it to Discord, it is sending it straight to the attacker.
totp 2FA will not save you (a security key here probably would save you.)
This Browser-in-the-Browser attack is easy to foil, here's how you protect yourself:
NEVER SIGN INTO ANY SERVICE THAT POPS UP IN A NEW WINDOW FROM A LINK.
Close the pop up, open a new browser window. Navigate to the service yourself. Log in there.
That's it, do that every time. This can apply to crypto too. Never sign a txn that pops up after clicking a link someone sent you.