Just tried it, if no 2fa is configued for your user, which obviously is not for the first time you login, you can enter something in the 2fa-field and the login still succeeds.
This is strange, no one reported something like that before!
Are you sure you have not changes something in the database?
With the following SQL, you can delete all 2fa configuration and passwords:
DELETE FROM egw_config WHERE config_app='phpgwapi' AND config_name='2fa_required';
DELETE FROM egw_ea_credentials WHERE cred_type=32;
When executing the SQL statements, they will tell you if something is deleted.
You should also delete the cache either via setup or by restarting the container.