Researchers find that the encryption of a user’s 2FA secrets are stripped after transportation to the cloud.