Would love to hear from @bubble folks who have successfully implemented secure 2-factor authentication for their application’s users.
We have considered the following solutions:
Bubble’s baked-in option. Downside: poor documentation, we can’t find any examples of an app that uses it. We’re getting weird behavior when validating the generated token.
Generating the token on our end via a random string and sending via SMS OR generating the token via this plugin. Downside: Many of Bubble’s workflows rely on just “Is the Current User logged in?” → then do the thing. We would need a reliable way on the front end and in Privacy Rules to check for Current logged in && (if they have 2FA turned on) are they validated?
Any help / feedback / what you did is appreciated!