AFAIK, there is no two-factor provider auth implementation in client side. Because of that, If you enable a second factor, server doesn’t accept regular login/password, only accepts token. So, it is expected behavior. You should generate app password to authorize clients.