requirement
- make users perform two-step authentication with SMS
- pre-set user’s phone number
(-> Users do not need to register a phone number)
setting
Current settings are as follows.
- enable “Multi-factor Authentication - SMS”
- enable “Always require Multi-factor Authentication”
- enable “Rules - Require MFA once per session”
result - first login
- enter email and password
- enter phone number
- receive & enter 6-digit code
- enable “I have safely recorded this code”
- continue
- login
result - second login
- enter email and password
- receive & enter 6-digit code
- login
requirement / summary
make the first login the same flow as the second login by achieving requirement