There are several different cases for user registration and login, and we're going to cover them all:
When a user registers to your app, you can immediately call Cotter's SDK to register the mobile device as a Trusted Device. This way, the user's account can now be accessed from the trusted device without needing a password.
Logging in from a trusted device is instant. Your users can immediately access their account without doing anything. Your app can optionally require Biometric/PIN to make it more secure.
If your user try to login from a different phone, or from a web browser, then they will receive a prompt in their Trusted Device, asking them to approve the login request. Once approved, the user can access their account from Non-Trusted Device. But this doesn't mean that the new device is now a trusted device. Subsequent logins from a Non-Trusted Device will always require approval, even when approved.
The user can register another device as an additional Trusted Device. The Trusted Device will need to scan a QR Code shown in the other device to explicitly register that other device as a Trusted Device.
Once the new device is registered as a Trusted Device, the user can now access their account from both devices with ease.