2FA UX - Text changes
Release notes
Problem to solve
Users are locking themselves out due to losing their 2FA codes.
Proposal
Some small text changes would help users better understand best practices!
-
In the screen where a code is scanned, recommend cloud-based apps (Authy, Duo Mobile, LastPass authenticator). "We recommend cloud-based mobile authenticator apps such as Authy, Duo Mobile, and LastPass. They can restore access if you lose your hardware device.".
-
At the end of setup, include a message to encourage the user to be sure they upload an ssh key if there isn't one present on the account. "You have set up 2FA for your account! If you lose access to your 2FA device, you can use your recovery codes to access your account. Alternatively, if you upload an SSH key, you can use that key to generate additional recovery codes."