Enable 2FA without verifying the email

Program: Moneybird
Bug Type: MFA
Bounty: Unspecified
Date: 2019-07-18
2FA MFA-bypass

Summary

Two-factor authentication can be activated on an account even when the email address associated with it has not been verified. Because 2FA takes effect without any confirmation from that email address, the legitimate owner can be locked out, unable to access the account or register normally.

This summary was generated by AI.
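The missing check, shown beside a hardened enrollment path. This is an added example, not code from the report or from Moneybird; the `Account` model and all function names are hypothetical.

```python
import base64
import secrets
from dataclasses import dataclass
from typing import Optional


class EmailNotVerified(Exception):
    """Raised when a second factor is requested before email confirmation."""


@dataclass
class Account:  # hypothetical model, not Moneybird's schema
    email: str
    email_verified: bool = False
    totp_secret: Optional[str] = None

    @property
    def mfa_enabled(self) -> bool:
        return self.totp_secret is not None


def new_totp_secret() -> str:
    # 160-bit random secret, base32-encoded as authenticator apps expect
    return base64.b32encode(secrets.token_bytes(20)).decode("ascii")


def enroll_totp_flawed(account: Account) -> str:
    # Behaviour described in the summary: email_verified is never consulted
    account.totp_secret = new_totp_secret()
    return account.totp_secret


def enroll_totp(account: Account) -> str:
    # Hardened: only a confirmed mailbox owner may bind a second factor
    if not account.email_verified:
        raise EmailNotVerified(account.email)
    account.totp_secret = new_totp_secret()
    return account.totp_secret


def confirm_email(account: Account) -> None:
    # Defence in depth: a factor bound before confirmation was never proven
    # to belong to the mailbox owner, so drop it at first confirmation.
    if not account.email_verified:
        account.totp_secret = None
    account.email_verified = True
```

Clearing the factor in `confirm_email` covers accounts that enrolled before the check was deployed.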
