I'm having trouble figuring out how to set up TOTP from start to finish:
User enables MFA.
User gets presented with a TOTP code (which I assume I can run through a QR code library to generate a QR).
User syncs code with their choice of MFA software (Authy, 1Password, etc).
User gets prompted to enter verification code from MFA device to confirm.
The documentation for this repo is pretty lacking, and it's quite difficult to figure out how to do all this.
Also, do they have to set up SMS first? I would hope that users don't need to do that, because many may not want to use their phone number, not to mention it's unreliable to depend on text message for 2FA (someone might be in a place with no cell access).
I'm having trouble figuring out how to set up TOTP from start to finish:
The documentation for this repo is pretty lacking, and it's quite difficult to figure out how to do all this.
Also, do they have to set up SMS first? I would hope that users don't need to do that, because many may not want to use their phone number, not to mention it's unreliable to depend on text message for 2FA (someone might be in a place with no cell access).