> a way for users to complete 2FA if they don't have access to their phone would also be helpful
Long term I think we should additionally support passkeys: https://www.tomsguide.com/news/what-are-passkeys. iOS and Android synchronise them across your devices so you'd be able to log in with anything logged in to your Apple ID or Google account.
We would still need a way to reset the users 2fa manually. As part of this we should also do an additional factor check, eg a one time email link as we won't practically be able to verify the users identity when they request the reset.
Long term I think we should additionally support passkeys: https://www.tomsguide.com/news/what-are-passkeys. iOS and Android synchronise them across your devices so you'd be able to log in with anything logged in to your Apple ID or Google account.
We would still need a way to reset the users 2fa manually. As part of this we should also do an additional factor check, eg a one time email link as we won't practically be able to verify the users identity when they request the reset.
Originally posted by @mbarton in https://github.com/rcpch/rcpch-audit-engine/issues/905#issuecomment-2082598450