When filling in the 2FA page the user needs to be quick before the 2FA code changes. Its standard behavior across the net that authentication code entry fields are preselected in such case. i.e. the cursor is in the field and the user can start typing right away. With XF this is not the case. As users will expect this, they will start typing the 2FA code without anything being entered. As 2FA refreshed quickly the user may have to enter a new code. Which is unfriendly to the user. For mobile this is more problematic, because the user will often copy-paste the code. But the input field can be below the fold and hidden behind a notice. This will deter users. Preselecting the input field would resolve this on most browsers.