I just changed the Chrome Extension settings to force a logout, not a lock, on Browser Restart…I had assumed that this meant I would be forced to use 2FA.

However, it doesn’t seem to make any difference - I tested a number of times and it just asks me to login with my Password. Am I doing something wrong?

You activated the “Remember me” setting, when using 2FA.

It looks like you are correct - Although I thought it was just remembering my login, I never hit the “Trust this device” 2FA button on any site/app with 2FA that I use.

It doesn’t make it clear that it will never ask me for 2FA again…At the very least I would expect a logout to force 2FA again…otherwise logout and lock are the same thing.

That said - Changing the “Remember me” to “Trust this device forever” would definitely help as it at least syncs up with most other 2FA implementations

Agreed.

(At least it isn’t google… which autoclicks “trust this device”/never-ask-again every time I use 2fa even though I uncheck it every time.)