"A 2FA bypass is not a bug because you'd need to know the username and password to use it"

uhhhhh folks what do you think 2FA is for?