Not planned Redirect back to forum after using Authy one touch authentication on mobile

[RobinHood]

I'm not sure if this is possible with authy, there's also the consideration that this would require knowing that the login attempt came from a mobile device.

Is it possible to detect when a mobile device is being used to login with Authy, and then redirect the user back to the mobile browser after successful authorisation?

It currently leaves you within the app and you have to switch back to the mobile browser to finish the login.

On some sites mods and admins may be required to use 2FA for security, but may not be massively tech savvy. Leaving the user in limbo in a 3rd party app may be a little confusing for some of them. It would make the login experience that little bit smoother if there was a final redirect back to the forum.

 

[Chris D]

That’s not something in our control.

It will of course also vary by mobile device.

In terms of iOS, you get the little navigation widget in the top left corner which switches you back to the last app.

But it’s also worth noting that with iOS you don’t even need to navigate away from the browser. You can force touch on the notification to get Approve or Deny actions, or pull it down for the same actions.

I’m sure there are equivalent actions on Android.

The behaviour may also not be desirable even if it were possible. If the 2FA request was triggered because I logged into my laptop, I might approve it on my phone but I don’t actually need that to then log me in via my phone. (Especially if it then ends up triggering another 2FA request when it logs in )

But moot point. There’s nothing XF can do here. This is all down to the OS functionality and the Authy app itself.

 

[RobinHood]

But it’s also worth noting that with iOS you don’t even need to navigate away from the browser. You can force touch on the notification to get Approve or Deny actions, or pull it down for the same actions.

Ohh, that sounds good, doesn't seem to work for me though?

The behaviour may also not be desirable even if it were possible. If the 2FA request was triggered because I logged into my laptop, I might approve it on my phone but I don’t actually need that to then log me in via my phone. (Especially if it then ends up triggering another 2FA request when it logs in )

Yeah, which is why it would need to know if the original login request came from a desktop or mobile browser.

No worries though, was just a thought It boggles my mind the amount of times I have to show people how to properly switch apps on their phone without backing out to the home menu and then finding the other app they want to bring back into focus.

 

[Chris D]

Only thing I can think of is if it depends on these settings which I have switched off:

 

[RobinHood]

Found it, that’s so much better!

Shame the Deny button is bright red, and the approve is black. I was automatically drawn to and tapped the red button by mistake the first time