Seems nice. Maybe we can generalize the text a bit to avoid "both" (since you can have multiple of them).

While testing I'm curious whenever it renders an empty <p></p> of if it's discarded. It seems it will generate an empty paragraph to me. So maybe we want to avoid to call that appendParagraph() (?)

good points <3

Awesome. Optional bonus point, since this legacy feature thing is indeed veeeery confusing and very-Phorgi, maybe we may want to add a "Why" Phorge decided this, and highlight potential pitfalls.

Note: You already have an Auth Factor configured. Adding another factor will require you to always provide all Auth Factors, thus, dramatically increasing your corporate security (at the price of slowing you down even more).

lol

Hmm could you share why it's a "legacy feature"? I guess I'm clueless

(I just mean the feature comes from Phabricator, not from Phorge; sorry I always pick random words to express myself)

Maybe better to just expand dialog, so, less code to maintain (?)

$dialog = $this->newDialog()
  ->setTitle(pht('Choose Factor Type'))
  ->appendChild($menu)
  ->addCancelButton($cancel_uri);

if ($viewer->getIsEnrolledInMultiFactor()) {
  $dialog->appendParagraph(pht('Pi Pi Pi Bla Bli'));
}

return $dialog;

(Nice ping-pong lol)

I'm too stuck in Serious Business Mode to introduce another string to translate, I'm afraid :-/