Add links 'use a numeric / hardware token instead' to the 2FA login pages, using the list of available 2FA mechanisms found in the auth Response.