When a user enabled 2FA, their credentials should immediately be updated or they should logged out and forced to re-login to make sure the token is 2FA enabled.
This is necessary to either force users to enable it or give them a notice in some way to enable it.
Currently the token is not updated and the new status cannot be properly detected.
When a user enabled 2FA, their credentials should immediately be updated or they should logged out and forced to re-login to make sure the token is 2FA enabled.
This is necessary to either force users to enable it or give them a notice in some way to enable it.
Currently the token is not updated and the new status cannot be properly detected.