cwa-verification-iam
Administrator Account cannot be reset
Describe the bug
During first login to an administrator account, an OTP key is generated. This binds the administrator account to a specific OTP generator on a specific device. Changing the OTP generator or the device is not possible after this has been done once. It is, however, possible (and deceptively easy) to delete the administrator account. Doing this immediately leads to HTTP 500 errors, and the administrator account cannot be reset. It is possible to request that the credentials be reset using the onboarding email; however, no confirmation email is sent.
Expected behaviour
- the administrator account is reset to its initial state and the account can be set up again as before.
- a very clear warning is given to the user that deleting the administrator account completely revokes access to the platform. Upon deleting the account, the user is gracefully logged out and given confirmation of a successful deletion instead of a 500 error.
Steps to reproduce the issue
- delete administrator account
Possible Fix
- option to set up a new OTP device after initial set up
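The following is an added illustration of the expected behaviour and the possible fix above; it is not code from cwa-verification-iam, and every name in it (`AccountStore`, `enroll_first_login`, `rotate_otp`, `delete`, the in-memory user store, the explicit time-step counter) is an assumption made for the example. It binds a TOTP secret on first login, lets the administrator re-bind a new OTP device only after proving possession of the currently bound one, and turns deletion of the sole administrator into a warned, confirmed reset to the initial state rather than an orphaned account and a 500.

```python
"""Hypothetical admin-account lifecycle with a re-bindable OTP factor.
Added example; not cwa-verification-iam code. Class, method and field
names are assumptions made for illustration."""
import hashlib
import hmac
import secrets
import struct


class OtpError(Exception):
    """Raised when an OTP code does not verify or enrollment is misused."""


def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 6238 TOTP over an explicit time-step counter (HMAC-SHA1 with the
    RFC 4226 dynamic truncation). The counter is passed in rather than
    derived from the clock so the whole flow is deterministic and testable."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % 10 ** digits
    return f"{code:0{digits}d}"


def otp_matches(secret: bytes, code: str, counter: int, skew: int = 1) -> bool:
    """Accept the current step and +/- skew steps; constant-time comparison."""
    return any(hmac.compare_digest(totp(secret, counter + d), code)
               for d in range(-skew, skew + 1))


class AccountStore:
    """In-memory stand-in for the IAM user store (assumption)."""

    def __init__(self):
        self.accounts = {}  # username -> {"role": str, "otp_secret": bytes | None}

    def add(self, username: str, role: str) -> None:
        self.accounts[username] = {"role": role, "otp_secret": None}

    def admins(self):
        return [u for u, a in self.accounts.items() if a["role"] == "admin"]

    def enroll_first_login(self, username: str) -> bytes:
        """First login binds a fresh OTP secret exactly once, as the report
        describes. A second enrollment is refused; re-binding goes through
        rotate_otp so the current device must vouch for the new one."""
        acct = self.accounts[username]
        if acct["otp_secret"] is not None:
            raise OtpError("OTP already enrolled; use rotate_otp to change devices")
        acct["otp_secret"] = secrets.token_bytes(20)
        return acct["otp_secret"]

    def rotate_otp(self, username: str, current_code: str, counter: int) -> bytes:
        """Possible fix from the report: set up a new OTP device after initial
        setup, gated on a valid code from the device currently bound, so a
        password alone is never enough to swap the second factor."""
        acct = self.accounts[username]
        if acct["otp_secret"] is None:
            raise OtpError("no OTP enrolled; complete first login first")
        if not otp_matches(acct["otp_secret"], current_code, counter):
            raise OtpError("current OTP code did not verify")
        acct["otp_secret"] = secrets.token_bytes(20)
        return acct["otp_secret"]

    def delete(self, username: str, confirmed: bool = False) -> dict:
        """Expected behaviour from the report: warn clearly, require explicit
        confirmation, never leave the platform without an administrator, and
        answer with a well-formed result (logout + confirmation), not a 500.
        Deleting the sole administrator resets it to its initial state so the
        onboarding flow can be repeated instead of removing the record."""
        acct = self.accounts.get(username)
        if acct is None:
            raise KeyError(f"no such account: {username}")
        sole_admin = acct["role"] == "admin" and self.admins() == [username]
        warning = None
        if sole_admin:
            warning = ("deleting the only administrator revokes all access to the "
                       "platform; the account will instead be reset to its initial "
                       "state and must be set up again via onboarding")
        if not confirmed:
            return {"account": username, "needs_confirmation": True,
                    "warning": warning, "deleted": False, "reset": False, "logout": False}
        if sole_admin:
            acct["otp_secret"] = None  # back to the pre-first-login state
            return {"account": username, "needs_confirmation": False,
                    "warning": warning, "deleted": False, "reset": True, "logout": True}
        del self.accounts[username]
        return {"account": username, "needs_confirmation": False,
                "warning": None, "deleted": True, "reset": False, "logout": True}


if __name__ == "__main__":
    store = AccountStore()
    store.add("admin", "admin")
    first = store.enroll_first_login("admin")
    rotated = store.rotate_otp("admin", totp(first, 1000), 1000)
    print("rotated:", rotated != first)
    print("unconfirmed:", store.delete("admin")["warning"])
    print("confirmed:", store.delete("admin", confirmed=True))
    print("re-onboarded:", store.enroll_first_login("admin") is not None)
```

The two security-relevant choices are that `rotate_otp` demands a code from the device being replaced (a lost device is a separate, out-of-band recovery path, not a silent self-service re-bind), and that `delete` degrades the sole administrator to its initial state instead of removing it, which is what makes the "reset and set up again" expectation satisfiable without a database fix.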