When utilizing google authenticator as the MFA of choice for DO: the login token only considers the beginning of the email address as the identity instead of the full email address to ensure it's unique.
For example: I set up MFA with a DO account as firstname.lastname@example.org, then i set up another account with DO and configure MFA for email@example.com what happens here is only the beginning of the email address is being utilized as a source of unique information. When I set up my 2nd account it overwrote the MFA for firstname.lastname@example.org
The MFA implementation needs to consider the entire email address or some other type of UUID. The MFA identifier needs to be truely unique.