> Two-step registration is a significantly improved sign up flow<p>It is usually worse for users using a password manager, since some of them will not be able to detect/autofill the password field on the second page. But I haven't checked, maybe Kratos UI is supported by all major password managers and this is not an issue here.<p>Since the parameter is called "enable_legacy_flow", does it mean it will be removed in future releases?
Happy self hosted Ory user here, thank you for building out.<p>Has the process around customising the UI improved recently? That was by far the biggest pain point for me when setting it up.
I've said it before but I really cannot believe Auth0 doesn't offer TOTP 2FA in their "essentials" tier. Ory Kratos seems to offer it at their lowest tiers which is good.<p>It costs nothing (unlike SMS) so I'm not sure why Auth0 wants to charge $240+/month just to get basic 2FA.
Thank you. We've been using self-hosted kratos for a couple of years now - and we're big fans. Quality has improved across the board from the early releases, and the product just keeps getting better.
I have recently added passkey support for a few apps just to support a newer Auth standard. All i can tell, i have been very unimpressed.<p>LOGIN UX has become very confusing.
Users have been vendor locked down.
Since windows and mac and linux users have to deal with multiple key management which isn't ideal.<p>In my opinion, it isn't any more secure over mfa.