Extend time to insert U2F on login
Problem to solve
When logging in with a U2F-enabled account, there appears to be a certain period of time the user has to insert their U2F devide into the computer's USB port. When I insert my YubiKey quickly after inserting my password, the indicator light flashes and I can log in. When I wait too long, however, the light does not flash anymore; I have to reload the page (which also involves re-sending the login-form) to be able to use my U2F device to log in.
That mentioned time is so short, that it is not enough for me to reach into my pocket, fumble around until I find my keychain, take it out, look for the YubiKey on my keyring, find the USB port on my laptop (especially in poor lighting conditions), and then inserting it the right way round.
Every user who logs in to GitLab and has a U2F key is affected.
Shoould be self-evident.
Extend the time the user has to insert their U2F device.
Permissions and Security
Should not pose any permissions problems.
As the time is not mentioned in https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#log-in-via-u2f-device, I don't think this will affect documentation.
Might need cross-browser testing to make sure that the change works in all browsers.
What does success look like, and how can we measure that?
Not sure. Time is longer, I guess?
Links / references