Recovery Code - Fallback options after loss of access to Authenticator app

[smashm]

The remember the browser function was a big step forward for everyday usability.

I would also like to see a fallback option integrated in case users can no longer access their authenticator app, for example if their phone is lost or stolen.

Currently, access can only be granted via manual administrative intervention, which is particularly inconvenient for users without access, in larger communities for admins, too.

I am aware of these options, for example:

• Hetzner's consoleH provides a recovery key via snail mail
• Users can generate multiple stock emergency keylists for download, e.g. LinkedIn 5 pieces or Facebook 10 pieces
• On Xing, this is limited to one, but can also be generated at any time

Personally, I think one code would be enough, but a few more certainly won't hurt for some users.

[errotu]

I would also support such an enhancement very much! The backup codes are quite common as fallback option for services using 2FA.

Currently, access can only be granted via manual administrative intervention, which is particularly inconvenient for users without access, in larger communities for admins, too.

How does the manual administrative intervention actually work? Is there a per user possibility to (temporarily) disable 2FA? I didn't find any information about it in the docs.

[E1chn3r]

I would also love to a function to reset the 2FA. Maybe with backup codes or the possibility for admins to create an admin code for the users to log in which is valid a couple of hours.

Are there any plans for the feature?