Thanks for the followup. I'm also on desktop.

When I click the second link, I'm forced to reauthenticate. During that reauthentication my only option for 2-factor auth is... a valid 2FA code. Backup codes are not allowed.

I suspect since you originally logged in with a 2FA code (I'm guessing), your session is marked as "recently two factor verified", and when I logged in with a backup code, I was not marked the same level of "secure".

since you told me I am using a I tried without 2FA code but with backup-code

> When I click the second link, I'm forced to reauthenticate.

Here, I am being asked my password.

Then get that page.

Probably the difference, like parent says, is that you recently used 2FA, from the same OP address etc etc, so even though you have signed in with backup code now Google still trust your sign in more than OP.