I’m sure that would be beneficial from a user point of view, but then it is not possible to achieve with two factor without email.
The only (common and standards based) methods for two factor would be:
1. Email reset or magic link for 1st factor.
2. Webauth for second factor.
How would an email provider achieve this?
Remember that even with webauth, that replaces one factor, not both.
The good implementations you’ve shown still use username/password when logging in from a fresh browser, it is only relying on external auth after you have authenticated once (in that browser).
I’ve finished the training I was running today, so I’ll try to create another option now, barring travel-sickness.
Cheers,
-Alastair
_____________________________
From: lisa.seeman
Ahh, I assumed re-authentication just excluded the first time sign up.
I think it is better to stick with authentication and add an exception for transcribing during sign in
All the best
Lisa Seeman
LinkedIn<http://il.linkedin.com/in/lisaseeman/>,