On Thu, 05 Sep 2013 13:10:56 -0400
Ricky Elrod <codeblock(a)elrod.me> wrote:
On 09/05/2013 01:01 PM, Ian Weller wrote:
> On Thu, Sep 05, 2013 at 04:50:04PM +0200, Pierre-Yves Chibon wrote:
>> 3) Ask for password, validate, then ask for 2 fa is set up
+1, my first instinct was this method as well, and yes it is something
that a lot of other sites with 2fa seem to be doing (two other
examples to add to your list are digitalocean and amazon aws).
The extra security seems worth it.
I guess this option is ok with me.
kevin