Premium 2FA downgrade configurable

Any time you see “U2F”, think “premium”

Thank you for your post!

Feature name

  • Configurable core 2FA downgrade

Feature function

  • What will this feature do differently?
    • Lower priority core 2FA options are only available as a fallback if the account leaves premium status
      • Could be tied into a delayed 2FA account recovery mechanism. Don’t want to detract for main subject.
  • What benefits will this feature bring?
    • Account is not left in a state of no 2FA if only premium 2FA methods are desired to be used
    • Does not require allowing weaker 2FA options when using premium
  • Remember to add a tag for each client application that will be affected
  1. I don’t want to allow any weak 2FA options. U2F only
  2. I don’t want to have no 2FA because premium status is lost

Would probably be important to have some way to validate TOTP/Email is functioning properly. A backup is not a backup if it cannot be tested. So an on-demand dry-run test of TOTP/Email would be important.

Related topics + references

  • Are there any related topics that may help explain the need and function of this feature?
    • None noticed
  • Are there any references to this feature or function on other platforms that may be helpful?
    • None noticed