Hi there,

Is it possible to allow users to re-enroll into TOTP?
As far as I can see the following limitations apply:

- Only one device/google authenticator per user;
- User is unable to reset the device, and make NAM ask again for TOTP enrollment;
- If user misses the first prompt for OTP, he is never asked again and is not able to use it anymore.
- Admin can remove the token info from the store (ex.: /opt/novell/nids/lib/webapp/WEB-INF/classes/gauthkeys ) but is required to restart the NAM server

Am I missing something?