-
mh authored
* make it explicit TOTPs, as HOTPs can't really be shared with TOTPs * do not allow login with master pwd from auth frontends, that can't verify 2fa if user has 2fa * user can have multiple TOTPs and can also delete them
f5a3a816
* make it explicit TOTPs, as HOTPs can't really be shared with TOTPs * do not allow login with master pwd from auth frontends, that can't verify 2fa if user has 2fa * user can have multiple TOTPs and can also delete them