-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to choose the default provider. #249
Comments
What if the default wasn't a specific provider, but rather, the last-used provider? |
Sometimes I need to use TOTP because I'm on a device that doesn't have my security key. When I return to my preferred device, I wouldn't want to be back to using TOTP. |
That's fair; I wonder if we could remember the last provider used per client then, long-lived session-agnostic cookie? Additional factor I'd like to add to this conversation; at present, only 30% of users have both TOTP and Security Keys enabled. |
If that's the case, it's probably fine to assume security keys as the primary and do nothing here? |
With the 30% number, yeah, I think it can be skipped for now, or at least left on a Low-priority maybe list. If it was higher, over 50% (as a random number..) then I think it'd make sense that maybe we'd want to offer further options here. |
If a user has registered (and enabled) 2fa security keys, they will be used as the primary provider. Let's consider adding the ability to change that default.
The text was updated successfully, but these errors were encountered: