Summary

Like Gitlab, the idea is to have a 2F module that authorize to register an U2F key only if a TOTP has been registered. Auth process proposes the 2 options

More

This cannot be done with TOTP and U2F plugins:

• during auth, U2F will be enabled with TOTP input, user has just to touch is key or enter its code
• If TOTP is unregistered, U2F keys will also be removed