I made 2 mistakes when trying to enable 2FA on an account. I think the UI should be improved to prevent these mistakes.
-
When I enabled 2FA for an account, I inadvertently reset the password for the account also. I think that the page where 2FA is enabled should not include the password field.
-
On cPanel and other systems where I can enable 2FA, before the 2FA data is written to the database via the button “Modify”, these systems ask me to type in a 2FA code generated using the barcode I just scanned. This guarantees that the 2FA generator is working correctly prior to truly enabling 2FA on the account.
In my case, there was a problem with my 2FA generator and the codes it produced did not permit login. To fix this, I had to run mysql queries on the cyberpanel datbase.