Clients will only ask for 2FA in the following cases:
- Vault is logged out and not just locked
- Device did not have ‘remember me’ checked when 2FA was initially given
To reset the ‘remember me’ option, you’ll need to deauthorize sessions in your web vault.