Make the interface and workflow more explicit, in order to prevent loss of recovery code
I have set a recovery code, and I wanted to check whether one may unset it. Meaning, going back to no recovery code at all. Unless I'm mistaken, this information is not given anywhere.
So I clicked on the Edit icon of Recovery code. A dialog box appeared, with two options: Show, and Update.
So I clicked on Update. You need to give your password, then you get another box with your recovery code. There's no real choice for you there. You can either Copy it (I don't need to, it's already in my password manager), Print it, or just say OK (what does that mean?).
So I OK'd my way out of this box, and tried the Show option. Password needed again, then exactly the same box appears, with the recovery code.
OK then, I said to myself, it seems you can't unset the recovery code; it's a one-way street. (Not wanting to re-start the controversy, but that should have been made clear from the start. You're risking distrust and anger by giving users the feeling they have been trapped into something.)
Then I prepared to log out. Then I thought: WAIT! Is that the SAME recovery code? So I checked: it was not. Just clicking on Update CHANGED the recovery code. But there's no warning. It's not explicit at all. The box which opens is exactly the same after you click on Show or on Update, except for the code -- but no string of characters looks any more like a string of characters than another string of characters. Nowhere does it say: your recovery code has just been changed, you must now copy it.
The phrase "Please take a minute to write down your recovery code" does not work, because it's exactly the same thing you read after clicking on Show, and it's exactly the same thing you read when generating your recovery code the first time.
The interface should warn very clearly, before and after, what the software is going to do, what it has just done, and what you may or need to do accordingly. The visuals should be different depending on whether you just want to read your code or change it.
I very nearly found myself living for years with a recovery code I thought I had dutifully recorded in my password manager, but which would not have worked in case I needed to reset my password.