I deleted some 2FA security questions and now users are reporting problems updating to one of the new 2FA questions.
They are seeing the 2FA prompt (see attached image) and cannot enter anything in. Normally, after multiple failed attempts this would then send an email with a link to reset 2FA and use another question. Because there is nothing that can be entered they can't fail to login and/ or reset their 2FA via email.
From AdminCP I see the deleted 2FA fields similar to, "security_question_1", "security_question_2" and so on.
I make the assumption this is not the intended action and could be a bug?
Ted.