So found time to do a quick test as the error was strange.
And it’s actually a small bug on my side after a refactor.
The token get during validation was not reused later leading to a new token generation, but with the 2FA code being already invalid it fails. You can probably already properly connect with current version by putting the 2FA code just after it’s renew and be real fast to save then connect to the host.
In all cases next version will better handle this.