-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle the case that If "I have printed or saved these codes" in backupCodes is not clicked #190
Comments
Seems like an unfortunate interface interaction, particularly given that once they enter the backup code screen codes are generated. Is there some background as to why we don't enable them, straight after save, irrelevant of whether the user clicks a confirmation? |
IMO it's good that they're not enabled until the user confirms they've saved them. Otherwise they may think that they've canceled out of setting them up, but in reality they've been activated. I think that's even more necessary given the behavior of WordPress/two-factor#507 (which will hopefully change in the future). The user should be able to enter the screen to see the status and regenerate codes, though. |
At the moment, if a user doesn't click "I have printed or saved these codes" after backup codes are generated,
and directly go back to account-status screen, the enable status isn't correctly updated and reflected.
The text was updated successfully, but these errors were encountered: