I don’t know about any changes in this area, I’ll have to check in with @Ilia or Jamie.
But, I do know there is a webmin command to disable 2FA, for occasions where something goes wrong with your second factor.
# /usr/libexec/webmin/bin/webmin disable-twofactor --help
Usage:
disable-twofactor --user username
Options:
--help, -h
Print this usage summary and exit.
--config, -c
Specify the full path to the Webmin configuration directory.
Defaults to "/etc/webmin"
--user, -u
Name of the user to disable two-factor authentication for.
(I’m not sure why webmin isn’t added to the path, yet, I thought we’d gotten that sorted…but, you can call it with the full path to the command in /usr/libexec/webmin/bin or /usr/share/webmin/bin.)