On Mon, Jun 22, 2026 at 3:43 PM Daniel P. Berrangé <[email protected]> wrote:
> > IMHO emailing admins is a process of last resort. You definitely need > that to be possible, but you don't want users to have to use it as the > primary process. > > When I talk of recovery tokens, I mean a system that is "self service" > that does not create a burden / bottleneck on our admins long term. I think that is a great goal, but how often does the need to recover a token actually happen?[0] Sure, we only have a small number of people with 2FA today, but the raw number of recovery incidents should be helpful to know (and can be improperly extrapolated to estimate the future load on the admins). Gary [0] Depending on where you have your TOTP token stored, some devices/services currently backup that up to their own account backup services (Authy, Apple, and Google (probably others) enable backup of your tokens to their various encrypted clouds, which (if you are doing it right) have their own 2FA recovery methods available to recover your account and data). -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
