Being able to remember a device is nice, but there currently is no way to clear out remembered devices. If using a device limit, this eventually runs into a situation where you can no longer remember any devices.
Set a limit on the number of devices you can register, the remember that many devices. You will no longer be asked to remember future devices.
There are two paths forward that I would propose:
#1, keep the 'remember this device' checkbox on the login page, and if the users limit is reached replace the 'oldest' device with the new one when the box is checked. This is not necessarily ideal so option #2 is,
#2, add a new tab & page to /user/* that lists their registered devices, and allow them to remove individual devices (or clear all remembered devices)
A new tab should be added to the /user/* page called '2FA Remembered Devices' or similar that directs the user to a page that lists all currently configured 'devices' on their account, and give them actions to remove individual devices or all devices from their account, so that they can remember new devices.
Active
5.1
User interface
BUMP. Checking in on the status of this. Aside from having to increase the number of remembered devices to a really high number (and therefore making remember device limit pointless), there is no way to forget remembered devices for users. When the limit is reached, they are no longer asked to remember any more devices.