Need better explaination text when asking for the initial 2FA code

[jacobian]

When you first enable 2FA, it asks for a code which seems weird because you just turned it on. We should explain better that we're prompting for the code to make sure that everything is enabled correctly.

[mdz]

The issue I was reporting was a different one. If you look at my transcript, I was asked twice. Once before I was even shown the QR code.

This was when Pedro had disabled 2fa on my account, so maybe it was in some kind of weird state, but this is what happened:

minnie:[~/heroku] heroku twofactor:enable
WARN: this will change your API key, and expire it every 30 days!
To enable, add the following OTP to your favorite application, and login
below:
Enter your Heroku credentials.
Email: mdz@heroku.com
Password (typing will be hidden):
Two-factor code (leave blank if none): ... <-- asking for two-factor code when
enabling 2FA??
[...QR code...]
Enter your Heroku credentials.
Email: mdz@heroku.com
Password (typing will be hidden):
Two-factor code (leave blank if none): ...
Enabled two-factor authentication.

[friism]

Related to https://github.com/heroku/heroku-two-factor/issues/30 - seems like the plugin, when installed, will always ask for code.

[brandur]

This issue will be fixed by heroku/api#2158.

[brandur]

Suboptimal UX mentioned by @jacobian fixed in 16d9110. The process now looks something like:

$ heroku 2fa:enable
WARN: this will change your API key, and expire it every 30 days!
To enable scan the QR rendered below then login again.
<qr code>
If you can't scan this qrcode please use 2fa:enable --browser

Re-authenticate with code to activate two-factor.
Enter your Heroku credentials.
Email: brandur@heroku.com
Password (typing will be hidden):
Two-factor code: 684037
Enabled two-factor authentication.

Problem mentioned by @mdz confirmed fixed by heroku/api#2158.