2FA setup requires a password. Passwordless accounts don't have one.

[dluks]

Existing documentation URL(s)

• https://developers.cloudflare.com/fundamentals/user-profiles/2fa/

This is a bug both in the documentation AND in the actual 2FA setup workflow.

When a user creates an account using SSO (passwordless), and then wishes to enable 2FA, they are required to enter a password. SSO accounts don't have a password, and the 2FA process does not instruct them on how to create one. Navigating to "Change Password" doesn't help, as the user is then required to enter their "old password", which doesn't exist.

What changes are you suggesting?

Include instructions for SSO-created accounts (e.g. Google, GitHub, and Apple) for how to set up 2FA when they don't currently have an account password both in the documentation as well as in the actual profile management section of the application.

Additional information

• Navigate to https://dash.cloudflare.com/profile/authentication -> https://dash.cloudflare.com/profile/authentication/management -> https://dash.cloudflare.com/profile/authentication/add-security-key.
• Note that you are now prompted to enter a password that doesn't exist.

• Navigate to https://dash.cloudflare.com/profile/authentication
• Click "Change password"
• Note that you are required to first enter an "old password" that doesn't exist.

[gimlichael]

Any solution to this? It's a classic - but I must admit I was surprised to see this at CloudFlare.

[0x4rch]

I found a workaround:

Go through their "forgot password" routine assuming you have email access to the account you SSO'd with.
https://dash.cloudflare.com/forgot-password

That allows you to set a password for the account!