Trying to preserve markup format in the output is likely a road to mental ruin (Hyperlinking, referencing, bolding, formatting in who knows what export formats). PhabricatorStringExportField should be sufficient.

the (Show Details) would be a great first step for us - and cover our needs. Much like the logs for Herald Rules and other areas.

In T13231#243710, @epriestley wrote:

Another issue here is that Duo doesn't seem to have a way to prevent new user creation. YIf you /preauth a user, they get an enroll link whether they already have an account in Duo or not, and there's no apparent way to distinguish between "this creates a new user" and "this encourages an existing user, who has already been created but has not enrolled a device yet, to enroll".

If we want to synchronize to existing accounts, I think it's not good enough for us to pick the user's email address unless that's also the username the organization already uses -- in your case, is it?

FWIW - most users of this feature (especially after T13229) will be organizations that already have DUO in their environment, and likely already have users defined in DUO. Creating random usernames, or PHID's is probably not going to work for most of those organizations. Phabricator does require email's to be unique (no reuse) so that might be a better choice for initial userid setting?

I missed the discussion in by @amckinley in D19843, which addressed my concern (same as you did above)... sorry for the duplicate question.

This isn't a fatal flaw in Legalpad, but would become a problem with wider adoption. I'll work on fixing this (so the MFA token sticks to the form) in the next set of changes.

We have a similar issue - however I think the "fix" is probably worse then the workaround.