One of our customers at my firm has the following question:
"Is it possible to forward second authentication on registered email address rather than on mobile application?
Some projects like the idea of 2FA and they never want to compromise with its core idea even if the smart phone is lost or damaged. In the events of mobile theft/loss/damage, getting new mobile phone takes time and projects do not wish to disable 2FA temporarily.
So, could you please inform if second authentication can be forwarded also to registered email ID?
OR
In such events, can there be one admin/project lead who receives OTP on behalf of affected project user?"
I don’t know about his solution of forwarding the OTP to an email or to an admin since that’s not how it normally works but would there be a workaround on Keycloak for this situation (for example emails with codes instead of sms/authenticator with the codes?).
Please advise.