Proposal 80791: Internet Identity upgrade, A Purple Experiment

That’s a good idea. If you generalize it then there could be a rule that in order to delete one “device” (where “device” includes recovery methods) you have to be logged in with a different one. Say you have N “devices”. With N=2 it’s clear - you have to be logged in with the other one, the one that you are not deleting. And with N>2 it means you have be logged in with one of the N-1 other ones that you are not deleting.

To be clear (AFAIU) these rules would be purely enforced by the front end. A different front end could behave differently.

But I am wondering if there are situations in which you actually want to delete the one that you logged in with and where it is not reasonable to ask the user to log in with a different one first.

We’ve just submitted a proposal that (among other things) fixes some of the issues mentioned here. Thanks for the feedback!

This in particular is now fixed: