huntr | Nehalr777 | B8A40BA6-2452-4ABE-A80A-2D065EE8891E
History: Sep 29, 2022 - 7:07 p.m.

No notification triggered on sensitive actions like 2FA enable/disable

2022-09-29 19:07:27 | nehalr777 | www.huntr.dev
Tags: sensitive action, notification, 2fa

EPSS: 0.002 (percentile: 53.9%)

Description

2FA enable/disable is a sensitive action. As the application triggers a notification on all sensitive actions like email change/password reset, 2FA is also an important security feature to be notified about.

Proof of Concept

1) Go to https://rdiffweb-dev.ikus-soft.com/prefs/mfa 
2) Do all necessary steps to successfully enable 2FA
3) Check the inbox of your registered email
4) You will notice that there is no notification triggered on this security endpoint 
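
One way to close this gap, as an added example that is not rdiffweb's code or part of the original report: compare the user record before and after a settings update and build a notice for every sensitive field that changed, 2FA state included. The field names (`email`, `password_hash`, `mfa_enabled`), the function name and the sender address are assumptions.

```python
from email.message import EmailMessage

# Hypothetical field names for a user record; adapt to the real model.
SENSITIVE_FIELDS = {
    "email": "Your email address was changed",
    "password_hash": "Your password was changed",
    "mfa_enabled": None,  # subject depends on the new state
}


def sensitive_change_notices(before, after, sender="security@example.invalid"):
    """Compare two snapshots of a user record and build one notice per
    sensitive field that changed. Sending is left to the caller."""
    notices = []
    for field, subject in SENSITIVE_FIELDS.items():
        if before.get(field) == after.get(field):
            continue
        if field == "mfa_enabled":
            state = "enabled" if after.get(field) else "disabled"
            subject = f"Two-factor authentication was {state}"
        # Always include the address on file before the change, so a
        # swapped email address cannot hide the alert from the owner.
        recipients = sorted({before.get("email"), after.get("email")} - {None})
        msg = EmailMessage()
        msg["From"] = sender
        msg["To"] = ", ".join(recipients)
        msg["Subject"] = subject
        # Never echo secrets or new values; state only what happened.
        msg.set_content(
            f"{subject} on your account.\n"
            "If this was not you, reset your password and review your "
            "security settings.\n"
        )
        notices.append(msg)
    return notices


if __name__ == "__main__":
    # Constructed sample: the user enables 2FA and nothing else changes.
    old = {"email": "user@example.invalid", "password_hash": "h1", "mfa_enabled": False}
    new = dict(old, mfa_enabled=True)
    for notice in sensitive_change_notices(old, new):
        print(notice["To"], "|", notice["Subject"])
```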

