search

aws-amplify / aws-sdk-ios

AWS SDK for iOS. For more information, see our web site:
https://aws-amplify.github.io/docs
Other
1.68k stars 885 forks source link

Recovery codes for use with TOTP MFA #4633

Closed tylerjames closed 1 year ago

tylerjames commented 1 year ago

State your question I would like to set up TOTP (authenticator app) based 2FA in my app. I can get this set up relatively easily but I would like to provide users with some backup codes in the event that they lose access to their authenticator.

This seems to be common practice when using MFA (try adding 2FA to your Github account right now and see what happens) but I can't seem to find how to do it with Cognito.

Does this concept/feature exist with Cognito?

Amusingly, ChatGPT thinks that it does and it provided this solution:

awsMobileClient.getRecoveryCode { (result, error) in
  if let error = error {
    print("Error fetching recovery code: \(error.localizedDescription)")
  } else if let result = result {
    let recoveryCode = result.recoveryCode
    print("Recovery code: \(recoveryCode)")
  }
}

But I can't seem to find any mention of this method anywhere in the library. Either it was removed or ChatGPT is just feeding my a BS answer.

Which AWS Services are you utilizing? Cognito

Provide code snippets (if applicable)

Environment(please complete the following information):

harsh62 commented 1 year ago

Unfortunately, there is no API called getRecoveryCode. This is a known limitation in Cognito.

tylerjames commented 1 year ago

So ChatGPT lied to me?

Begun, the AI wars have

tylerjames commented 1 year ago

@harsh62 Any idea about this one then? https://github.com/aws-amplify/aws-sdk-ios/issues/4632

Trying implement MFA but mitigate the risks for users getting permanently locked out of their accounts.

harsh62 commented 1 year ago

Definitely. I will take a look and comment on that issue.