Forum Discussion
As the issue was only regarding the TOTP code, not the regular username / password form, I'm posting the code for this second step only:
html
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="utf-8">
<title>Sign in</title>
<link rel="stylesheet" href="https://cdn.usebootstrap.com/bootstrap/3.3.7/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">2FA</h3>
</div>
<div class="panel-body">
<form action="/login/" name="login" method="POST" class="form-horizontal">
<input type="hidden" name="csrf_token" value="...">
<div class="form-group">
<label class="col-sm-2 control-label" for="totp_code">Code</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="totp_code" value="" placeholder="6-stelliger Code" autocomplete="one-time-code" inputmode="numeric" autofocus>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-primary" name="action" value="verify">Anmelden</button>
</div>
</div>
</form>
</div>
</div>
</div>
</body>
</html>
As mentioned before inputmode="numeric"
helped 1P to fill in the code correctly, whereas autocomplete="one-time-code"
wasn't considered.