The UX of the 2FA web page requires an annoying and unnecessary extra button click.
The initial 2FA page has a disabled text box and a button, both labelled “Enter a Passcode”. I cannot enter the passcode into the text box initially.
Entering a passcode involves ignoring the text box, clicking on the button, and then entering the passcode into the now-enabled text box, then clicking “Log In”.
Why is that first click required at all?
Are you referring to the traditional Duo Prompt experience?
The new Universal Prompt login experience changes how users perform passcode entry. If your application supports Universal Prompt try turning that new UI on to compare.
Yes, it looks like I get presented with the “traditional” Duo prompt. I’d happily switch to the new UI but the docs indicate that it would require my IT department to make the change, not me, and that’ll never happen unless Duo forces the upgrade.
We’ll be communicating more information about the Universal Prompt and how to plan for the transition from the current prompt out to our customers as the Universal Prompt reaches general availability, including to the Duo admins in your IT department 
.