2FA code is not verified until after confirming backup codes

### Observed/problematic behavior

See steps to reproduce

### Expected behavior

No "Invalid TOTP code" message

### Steps to reproduce

1. Start linking 2FA by scanning the QR code and setting up your 2FA authenticator
2. Enter the 2FA code and click "Verify TOTP code and activate"
3. Wait 2-3 minutes (may be shorter, at least a short enough time that creating an entry in a password manager causes the 2FA code to expire)
4. Paste one of the backup codes and click "Confirm"
5. Observe the "Invalid TOTP code" message:

![Image](https://github.com/user-attachments/assets/a779a099-e68c-4fa0-b59c-63dabfb3c9e6)

You can also enter a nonsense TOTP code such as `AAAAAA`, and it will not be checked until you paste one of the backup codes and click "Confirm".

### Other

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

2FA code is not verified until after confirming backup codes #1466

Observed/problematic behavior

Expected behavior

Steps to reproduce

Other

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

2FA code is not verified until after confirming backup codes #1466

Description

Observed/problematic behavior

Expected behavior

Steps to reproduce

Other

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions