Force MFA

uhdamm

Don't know whether this is a bug or a feature request.

Seems "Force MFA" is not what it says:

….as when the user on first login is only presented with the "option" to enable MFA.

Is it possible to actually force the user to set up MFA, in order to be able to login?

Also, is it possible in the user list, for an administrator, to force a user to set up MFA, in order to access the site on next login?

Thx :-)

johnny

This is something we need to relook into and your right it deff needs to be forced

wrongecho

Lets give this a try: itflow-org/itflow1094

johnny

Fantastic works like a charm @wrongecho

uhdamm

Not quite there yet.,,,,

When "Force MFA" is set, the user is presented with the following on login:

Nothing prevents the user from hitting the "Back | Account" button, and thereby completely ignore MFA.

Goes for both new and existing users, when Force MFA is set.

If the users choose to change password and hit save, before setting up MFA, a new sign in is presented, and then the MFA window - which was never set up….

Is there a fix for this?

Thx 😊