I’ve used authenticators since the '80s, so I am familiar with them. I recently added one per guild requirement so I don’t have much experience with this one.
It was interesting to see a one-button approach; it is faster. But human behavior being what it is - it may encourage a less careful approach. Some kind of sync issue happened and I had to click the auth button on my phone twice … which I found sketchy. Sure, could be normal on your end but with everything I’ve seen, little things like that can be “tells” of something wrong.
I came out of that hoping for three things.
I wish that I could, from the authenticator, force logout of anything logged in. (edit: maybe even be able to disable/re-enable login from it)
I see that the one-button scheme is the default setting and there’s no way to make the code interface default. There’s no switch I can flip. Having to type in a code instead of pressing a button encourages better thinking and behavior. The one-button approach is too friendly; human behavior is usually the weak link in security. I wish I could change the default interface to the full code, not one-button.
I wish that I could unlink this from my phone. Phones are awful platforms. I wish it was on a credit-card-sized thing, like it was in the old days.