diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index f2cca764a..5b6cf39a8 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -265,7 +265,7 @@ public function enableTwoFactorAuthAction(Request $req, #[VarName('name')] User
             throw $this->createAccessDeniedException('You cannot change this user\'s two-factor authentication settings');
         }
 
-        $secret = (string) $req->getSession()->get('2fa_secret', $authenticator->generateSecret());
+        $secret = (string) $req->getSession()->get('2fa_secret') ?: $authenticator->generateSecret();
         // Temporarily store this code on the user, as we'll need it there to generate the
         // QR code and to check the confirmation code.  We won't actually save this change
         // until we've confirmed the code
diff --git a/src/EventListener/ResolvedTwoFactorCodeCredentialsListener.php b/src/EventListener/ResolvedTwoFactorCodeCredentialsListener.php
index df23d879f..23fe0df92 100644
--- a/src/EventListener/ResolvedTwoFactorCodeCredentialsListener.php
+++ b/src/EventListener/ResolvedTwoFactorCodeCredentialsListener.php
@@ -17,9 +17,9 @@
 use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
 use Symfony\Component\Security\Http\Event\AuthenticationTokenCreatedEvent;
 
-#[AsEventListener(event: AuthenticationTokenCreatedEvent::class, method: 'onAuthenticationTokenCreated', priority: 512)]
 class ResolvedTwoFactorCodeCredentialsListener
 {
+    #[AsEventListener(event: AuthenticationTokenCreatedEvent::class, priority: 512)]
     public function onAuthenticationTokenCreated(AuthenticationTokenCreatedEvent $event): void
     {
         if ($event->getPassport()->getBadge(ResolvedTwoFactorCodeCredentials::class)) {
diff --git a/src/Form/ResetPasswordFormType.php b/src/Form/ResetPasswordFormType.php
index 77f9b5816..b9a211485 100644
--- a/src/Form/ResetPasswordFormType.php
+++ b/src/Form/ResetPasswordFormType.php
@@ -26,8 +26,9 @@ class ResetPasswordFormType extends AbstractType
     public function configureOptions(OptionsResolver $resolver): void
     {
         $resolver
-            ->setDefault('user', null)
-            ->setAllowedTypes('user', User::class);
+            ->define('user')
+            ->allowedTypes(User::class)
+            ->required();
     }
 
     public function buildForm(FormBuilderInterface $builder, array $options): void
diff --git a/src/Form/Type/EnableTwoFactorAuthType.php b/src/Form/Type/EnableTwoFactorAuthType.php
index 360ae4042..773f37bd4 100644
--- a/src/Form/Type/EnableTwoFactorAuthType.php
+++ b/src/Form/Type/EnableTwoFactorAuthType.php
@@ -37,8 +37,9 @@ public function configureOptions(OptionsResolver $resolver): void
         $resolver
             ->setDefaults([
                 'data_class' => EnableTwoFactorRequest::class,
-                'user' => null,
             ])
-            ->setAllowedTypes('user', User::class);
+            ->define('user')
+            ->allowedTypes(User::class)
+            ->required();
     }
 }