Display TOTP secret

[gooseleggs]

Not an issue per se', and haven't done a pull request as trivial. Is it acceptable to provide the TOTP secret through to the view as well as the TOTP graphic. Reason being, as the developer can then decide whether to display this to the user. There are use cases where the user needs to copy/paste the TOTP code into an application, other than shooting it with the camera. Example would be into a password manager installed on the machine where the web browser is installed.

Second request would be recovery password(s) option.