clef/clef-wordpress

Registering multiple users on the same device causes locked out users

Closed this issue · 2 comments

I know this is a bit of a dumb issue because who would ever do this, but it does cause problems and should probably be fixed.

Steps to reproduce: Have 2 users, user1 and user2, and check the "disable passwords for Clef users" setting. Do not install the Waltz extension because that makes things even more confusing and weird.

  1. Activate Clef for user1 with phone
  2. Log out of Clef on phone and log out user1 from WordPress
  3. New browser window (incognito for sanity)
  4. Log in to WordPress as user2 with password
  5. Activate Clef for user2 with the same phone as before. This shouldn't be allowed, but it is
  6. Log out user2 from phone and WordPress
  7. Use phone to log in to WordPress... Who to log in??? Hmmm, problem 1. It chooses user1 for me. Not sure if it goes by first user ID, first registered with Clef, or first alphabetical username.
  • Problem 1: Multiple users linked to same Clef account/phone, who gets logged in...
  • Problem 2: The user that Clef doesn't pick when you scan your phone is completely locked out of their account now because Clef is active for their WordPress account and passwords are disabled... :-( https://www.dropbox.com/s/717jergd6p4ukyp/Screenshot%202014-06-18%2015.37.56.png and I can't get into the user2 account with Clef

Recommendation: Check to see if the Clef Account is already linked to another WordPress User before linking it.

Thanks! Clef is a great service and I love it. Keep up the good work and let me know if you would like me to whip up a patch.

Thanks for the bug report — just pushed a fix for this which will go live in the next release.

Thanks Jesse!
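The recommendation in the report (refuse to link a Clef account that is already linked to another WordPress user) can be modelled as below. This is an added example, not code from the clef-wordpress plugin or its fix: the class and function names, the `clef-phone-A` identifier and the "first linked row wins" lookup order are assumptions made for illustration.

```python
# Constructed model of the account-linking logic; all names are hypothetical
# and nothing here is taken from the clef-wordpress code base.

class AlreadyLinked(Exception):
    """Raised when a Clef account is already bound to another WordPress user."""


class LinkStore:
    def __init__(self, enforce_unique):
        self.enforce_unique = enforce_unique
        self.links = []  # (wp_user, clef_id) pairs, in the order they were linked

    def link(self, wp_user, clef_id):
        owner = self.resolve(clef_id)
        # The recommended check: one Clef account maps to at most one WP user.
        if self.enforce_unique and owner is not None and owner != wp_user:
            raise AlreadyLinked(f"{clef_id} is already linked to {owner}")
        if (wp_user, clef_id) not in self.links:
            self.links.append((wp_user, clef_id))

    def resolve(self, clef_id):
        # Login lookup. Assumption: the first linked row wins; the report
        # does not establish which ordering the plugin actually used.
        return next((u for u, c in self.links if c == clef_id), None)

    def locked_out(self, passwords_disabled=True):
        # Linked users that a Clef login can never resolve to. With passwords
        # disabled for Clef users, they have no remaining way to log in.
        if not passwords_disabled:
            return []
        return [u for u, c in self.links if self.resolve(c) != u]


def reproduce(enforce_unique):
    """Replay steps 1-7 of the report; return (rejected, logged_in, locked_out)."""
    store = LinkStore(enforce_unique)
    store.link("user1", "clef-phone-A")      # step 1 (constructed sample id)
    try:
        store.link("user2", "clef-phone-A")  # step 5: same phone, second user
        rejected = False
    except AlreadyLinked:
        rejected = True
    return rejected, store.resolve("clef-phone-A"), store.locked_out()


if __name__ == "__main__":
    print("without check:", reproduce(enforce_unique=False))
    print("with check:   ", reproduce(enforce_unique=True))
```

In a real plugin the lookup and the write should be atomic (for example, a uniqueness constraint at the storage layer), so that two concurrent link requests cannot both pass the check.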