When using a currently untrusted device it's kinda tedious to enter the OTP (generated on another device or sent via email).
If the device used to generate OTPs is currently trusted, it might be a lot easier to authorize the "new" device directly from there.
This could work by offering a new method "Trusted Device".
If this method is selected, (all) trusted devices would show a message to authorize the "new" device with a click / tap (or reject / cancel).
If accepted, the "new" device would automatically finish the TFA process.
If the device used to generate OTPs is currently trusted, it might be a lot easier to authorize the "new" device directly from there.
This could work by offering a new method "Trusted Device".
If this method is selected, (all) trusted devices would show a message to authorize the "new" device with a click / tap (or reject / cancel).
If accepted, the "new" device would automatically finish the TFA process.
Upvote
6