As described in the title. I cannot find a path for requiring TFA for new user registrations. I currently have the following setup:
1. A rule to auto-assign a "require TFA" role to a user after registering
2. A TFA requirement for users with the "require TFA" role
However, the problems are twofold:
1. At no point during registration are they prompted to create a password
2. At no point during registration are they prompted to enter TFA settings
So when they log in, they can't use a password (because they haven't set it up yet) and they can't use the one-time login link to set up their password, because TFA logs them out immediately due to their role requiring TFA.
I feel like this is a popular scenario for this module, so I am curious how others have handled it.
EDIT: Essentially, if a user has a role that requires TFA, their attempt to log in will be blocked. And the user has to be logged in to set up TFA. So in order to allow a user to set up TFA, we can't require they have it set up.
I feel as though a pretty obvious solution would be to have an option to allow users with roles requiring TFA but that have not set it up yet to be prompted to set it up after logging in or be forced to log out.