You Login
& Pass are Correct
Waiting for your Mobile Confirmation
Waiting for your Mobile Confirmation
User is recognised via cookie (or alike), when opening the website. No logins/passwords, all is done through mobile 2FA. The same works for business process auth type cases.
It is for maximum speed and convenience for your users.
User enters login/email, presses the Login button, and the rest is done via mobile 2FA.
As a sub case - user forgot a password, gets instant access from just the login.
User first passes full standard auth with login and password, then the mobile 2FA auto starts.
This way is about maximum security.