feat: Update account creation commands to clarify recovery email and 2FA setup options

src/account-creation/AccountCreator.ts

@@ -631,17 +631,23 @@ export class AccountCreator {
       let recoveryCode: string | undefined
       
       try {
-        // Setup recovery email if requested
-        const emailResult = await this.setupRecoveryEmail(confirmedEmail)
-        if (emailResult) recoveryEmailUsed = emailResult
+        // Setup recovery email (interactive if no -r flag and no -y flag)
+        if (this.recoveryEmail || !this.autoAccept) {
+          const emailResult = await this.setupRecoveryEmail(confirmedEmail)
+          if (emailResult) recoveryEmailUsed = emailResult
+        } else {
+          log(false, 'CREATOR', 'Skipping recovery email setup (-y without -r)', 'log', 'gray')
+        }
         
-        // Setup 2FA if requested
+        // Setup 2FA (only if --2fa flag OR interactive prompt accepts)
         if (this.enable2FA || (!this.autoAccept && await this.ask2FASetup())) {
           const tfaResult = await this.setup2FA()
           if (tfaResult) {
             totpSecret = tfaResult.totpSecret
             recoveryCode = tfaResult.recoveryCode
           }
+        } else {
+          log(false, 'CREATOR', 'Skipping 2FA setup', 'log', 'gray')
         }
       } catch (error) {
         log(false, 'CREATOR', `Post-setup error: ${error}`, 'warn', 'yellow')
@@ -2208,7 +2214,7 @@ ${JSON.stringify(accountData, null, 2)}`
   /**
    * Setup recovery email for the account
    */
-  private async setupRecoveryEmail(currentEmail: string): Promise<string | undefined> {
+  private async setupRecoveryEmail(_currentEmail: string): Promise<string | undefined> {
     try {
       log(false, 'CREATOR', '📧 Setting up recovery email...', 'log', 'cyan')
       

src/account-creation/README.md

@@ -54,20 +54,32 @@ npm run creator https://rewards.bing.com/welcome?rh=YOUR_CODE -r backup@gmail.co
 | `-y` | Auto-accept mode (skip prompts) | `-y` |
 | `--2fa` | Enable 2FA automatically | `--2fa` |
 
+**⚠️ Important: How `-y` Works**
+
+The `-y` flag **skips interactive prompts**, but **respects the flags you provide**:
+
+- `npm run creator -y` → Skips recovery email AND 2FA (nothing setup)
+- `npm run creator -r email@example.com -y` → Uses recovery email, skips 2FA
+- `npm run creator --2fa -y` → Skips recovery email, forces 2FA
+- `npm run creator -r email@example.com --2fa -y` → Uses both (full automation)
+
 **Examples:**
 
 ```bash
-# Minimal (no options)
+# Minimal (no options, will prompt for everything)
 npm run creator
 
-# With referral only
+# With referral only (will prompt for recovery email & 2FA)
 npm run creator https://rewards.bing.com/welcome?rh=B395E9D7
 
-# With recovery email (will be asked for code)
+# With recovery email (will be asked for code, then prompts for 2FA)
 npm run creator -r mybackup@gmail.com
 
-# Full automation with 2FA
-npm run creator https://rewards.bing.com/welcome?rh=B395E9D7 -r backup@gmail.com -y --2fa
+# Full automation with 2FA (no prompts, but requires manual code entry)
+npm run creator https://rewards.bing.com/welcome?rh=B395E9D7 -r backup@gmail.com --2fa -y
+
+# Skip everything (fastest, no security features)
+npm run creator https://rewards.bing.com/welcome?rh=B395E9D7 -y
 ```
 
 ### Interactive Flow