I have always wondered why "Enable alternate 2FA" only supports "Email" and "Backup codes"
I would prefer to allow ie. Yubikey as Primary and Google Authenticator as alternate 2FA
My Feature request: Allow same list of 2FA options in Primary and Alternate 2FA (and maybe even allow 2x yubikeys, one for primary and one for alternate)
Nice to have: It would also be great if Administrator optionally could receive a notification email, when alternate 2FA is used by a user
We'll add this to our TODO.
Our (soon coming) major release is all planned out, your request may not even be prioritized before March. Sorry about that.