Business Problem:
Currently, when signing in on the mobile app with Two-Factor Authentication (2FA) enabled, users are sometimes prompted to enter their 2FA code even if their email or password is incorrect. This can cause confusion and lead users to believe their credentials were accepted when they were not.
Desired Outcome:
Update the mobile login flow so that if the email or password entered is incorrect, an error message (e.g., "Invalid email or password") is shown before prompting for the 2FA code. This would prevent unnecessary steps and reduce confusion during login attempts.