use the reissue mechanism only with webauthn
We have a mechanism where we allow logins only with the second factor if the last login was very recent (maybe this is not a good idea anyway). But for most people the totp is more annoying to get than the password. So let's use the reissue mechanism only with webauthn.
Please register or sign in to comment