mozillians.org is using a second auth0 client to verify Google and GitHub accounts. If a user has ever used an MFAed account, then the lock does not allow users to verify non MFAed ones. Ideally, we want to allow both MFA and non-MFA methods for verification.
gdestuynder
commented
6 years ago
mozillians.org is using a second auth0 client to verify Google and GitHub accounts. If a user has ever used an MFAed account, then the lock does not allow users to verify non MFAed ones. Ideally, we want to allow both MFA and non-MFA methods for verification.
cc @andrewkrug @gdestuynder