Before saving the changes in OTP Policy setting, there should be a warning that Authenticator will be reseted/disabled for all users in the realm.
I believe this could be a minor security risk - a simple OTP attribute change (like token period) will immediately disable one of the security layers for the whole realm without any notice.