After enabling both IBM factors AZFPTKT1 and AZFTOTP1 on ACF2 logonid, get following error: ACF01044 PASSWORD PHRASE NOT SET FOR LOGONID XXXXXXX

Syslog shows: AZF2211E Auth preparation failed, cannot evaluate

Where AZFTOTP1 is used to logon to TSO and AZFPTKT1 is using MFA with DB2.

Release : 16.0

Component : ACF2 for z/OS

The IBM MFA sign-on needs to happen first before using the passticket. Change the IBM MFA settings for AZFPTKT1 to set PassTicket Evaluation set to N as shown below and recycle AZF* started tasks: 

User Defaults                                              
                                                           
  Require MFA Logon prior to                               
  PassTicket Evaluation . . .   N     ( N or Y )         
  PassTicket Evaluation Window.   600                      
                                                           
Plug-In                                                    
                                                           
  Initial Trace Level . . . . .   0  ( 0 - 3 )

ACF2 PTF LU02479(SUPPORT ENHANCED PASSTICKETS AND THE IBM MFA AZFPTKT1 FACTOR) is needed to enable IBM factor AZFPTKT1.

PTF LU00711 related to IBM MFA and it's pre-chain is recommended.