Per IBM Instana's security documentation, management of two-factor authentication (2FA) is controlled directly via administrative functions in the web UI. The guidance reads: "Administrators can remove a user’s 2FA association by navigating to Settings > Users, choosing the user, and using the remove or reset 2FA option in the UI." This workflow is safe, auditable, and leaves a traceable event in the audit log, satisfying enterprise security policy requirements. Direct API or CLI deletion of 2FA is not the recommended (or documented) method for Instana-managed users, and database-level manipulation (D) is unsupported as it risks data corruption. The UI approach is verified for both on-premises and SaaS installations.