Yeah that's a good point, I wanted to experiment with it being part of the signup flow rather than a power-user thing hidden in settings that only a minority would look for and enable. But yeah after email confirmation may make sense.
Can see the value in encouraging 2FA but maybe after sign up there's a notification that you "haven't set up two factor authentication yet"?
curious what issue you had? was there an error?
Yes, but I have to admit that I didn't record the exact error ... I would say that my validation code was no longer valid at the time of submission, and then I tried to re-generate one without changing the registration TOP code... Sorry I wasn't very conscientious about evaluating the error.
But finally, I found it confusing to have to create this two-factor authentication directly on the account creation form ... From an interface point of view, it might be more smooth to provide it on a second step, maybe after email confirmatinon page ?
Yeah that's a good point, I wanted to experiment with it being part of the signup flow rather than a power-user thing hidden in settings that only a minority would look for and enable. But yeah after email confirmation may make sense.
This is a bonfire demo instance for testing purposes
