All of the MFA implementations I've seen so far are much less convenient than passwords and/or require information disclosure to unsavory companies.
All security is a trade-off with convenience. (Wouldn't it be more convenient if you just had your user name, with no password to remember?)
From a convenience/handing over data perspective, I've used:
- Mobile app notification: minimal inconvenience, who knows about data (though not an inherent issue)
- Phone call: slightly more inconvenient than an app for most, but you need to hand over your telephone number.
- SMS OTP: probably slightly more inconvenient than a phone call in most cases; again, you need to hand over your number.
- TOTP/HOTP and similar (RSA SecurID springs to mind): like SMS OTP except no data.
The only other option I'm aware of (am I missing any?), and one that looks very interesting to me, is U2F. This keeps the "no data" aspect of TOTP etc., while reducing inconvenience to be similar to a mobile app. From a security perspective, it also allows a lot of potential weaknesses affecting the above to be avoided.