• The plugin works great and I’m very happy with it, though I’m managing several other users that I wanted to enforce 2-factor authentication on as well. My complaint is the lack of an automated/easy on-boarding for the 2-factor setup of users that haven’t set it up yet.

    The problem is after you enable the 2 factor authentication plugin, all other users not currently logged in will (upon next login attempt) be presented with the 3rd login field requiring the Google Authenticator code, generated from the app. But they haven’t initiated the process yet of retrieving the QR Code from their account. So this was my workflow in setting it up for other users:

    Disable the Google Authenticator plugin. Log in with one of the managed users. Once logged in, re-enable the Authenticator plugin. Then as the logged-in user in another browser, go to my profile, set up the new 2-factor account on my phone using the QR code and ensure “Active” is saved under the Google Authenticator settings.

    Not a huge pain but a little roundabout, as I have to disable and re-enable the authenticator plugin every time I need to set up a new user’s 2-factor authentication (since I / they need to first log in to the system so they can then have access to their 2-factor settings in the profile section once the plugin is re-enabled).

    On another system I’ve used in the past that had its own implementation of 2-factor, it worked by not forcing existing users to enter their 2-factor code on the first login screen. But instead, they log in with their user/pass and if they pass that login, then they are forced into the 2-factor setup with the QR code etc.

    Anyways, a minor complaint but just wanted to make sure I wasn’t missing something here in my workflow of managing users’ 2-factor setups.

  • The topic ‘Plugin works great, only one complaint’ is closed to new replies.
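
The enroll-after-password flow the post describes, modelled as an added Python example (not the plugin's code and not part of the original post). The user record fields `totp_active` and `secret`, and the function names, are hypothetical; the sample secret is the RFC 6238 test key, so site-wide enforcement never has to be switched off to onboard a user.

```python
import base64, hashlib, hmac, struct, time

# Constructed sample: base32 of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 TOTP over HMAC-SHA1, as generated by authenticator apps."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_totp(secret_b32, code, at=None, window=1, step=30):
    """Accept the current time step plus/minus `window` steps of clock drift."""
    now = time.time() if at is None else at
    for i in range(-window, window + 1):
        t = now + i * step
        if t >= 0 and hmac.compare_digest(totp(secret_b32, t, step).encode(),
                                          str(code).encode()):
            return True
    return False

def login_step(user, password_ok, code=None, at=None):
    """Decide what happens after the username/password check."""
    if not password_ok:
        return "DENY"
    if not user["totp_active"]:
        # Not enrolled yet: grant only a restricted session that can reach
        # the QR-code setup page, instead of asking for a code that the
        # user has no way to produce.
        return "ENROLL"
    if code is None:
        return "PROMPT_CODE"
    return "ALLOW" if verify_totp(user["secret"], code, at) else "DENY"

def confirm_enrollment(user, secret_b32, code, at=None):
    """Activate 2FA only once the user's app proves it yields valid codes."""
    if not verify_totp(secret_b32, code, at):
        return False
    user["secret"], user["totp_active"] = secret_b32, True
    return True
```

The session returned for `ENROLL` should be limited to the enrollment page only, otherwise a stolen password still gives full access to any account that has not finished setup.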