Later this month we will be adding security to the "Manage Login Settings" and "Manage MFA" experiences. For users who are already using Sophos Central MFA, we will require a validation of their identity using Multi-Factor Authentication (MFA) before they can manage their currently configured MFA. This prompt is a security enhancement to ensure the viewing/addition/removal of authentication methods is only done by the legitimate user. We also have work underway to document this new security behavior in our knowledge base.
Keep a look out for this change to begin appearing in mid to late February!