Context
auths init currently only emits a passive warning when an identity has a single usable device (a recovery single point of failure — if that device is lost or compromised there is no second device to recover from). The status workflow already detects this (StatusWorkflow::needs_recovery_device).
Task
During auths init, interactively offer to add a recovery device (a second device) so losing one device doesn't lock the user out. Sizable UX change — interactive prompt + the pairing flow.
Acceptance
- After identity creation,
init offers to add a recovery device (skippable, non-interactive/--yes honored).
- Declining leaves the existing passive SPOF warning in place.
- Tested for both the accept and decline paths.
(Deferred for now; tracked for a future UX pass.)
Context
auths initcurrently only emits a passive warning when an identity has a single usable device (a recovery single point of failure — if that device is lost or compromised there is no second device to recover from). The status workflow already detects this (StatusWorkflow::needs_recovery_device).Task
During
auths init, interactively offer to add a recovery device (a second device) so losing one device doesn't lock the user out. Sizable UX change — interactive prompt + the pairing flow.Acceptance
initoffers to add a recovery device (skippable, non-interactive/--yeshonored).(Deferred for now; tracked for a future UX pass.)