MFA Needs to be Setup Constantly
Hi,
After successfully setting up MFA using Google Authenticator, Reckon One tells me that MFA hasn't been setup, and I need to set it up again (after 24 hours or after clearing my browser cache). This is extremely annoying, and a waste of time. This has been happening for at least the last month or so. If Reckon One thinks that MFA hasn't been setup after 24 hours, how secure is the MFA implementation, if everything has to be setup all over again like MFA was never setup in the first place?
Anyone else having the same issues?
Answers
-
That sounds a bit strange. Is it actually asking you to setup MFA from scratch again each time OR is it asking you to enter in a MFA code?
The latter is normal as the MFA challenge prompt will appear asking you to enter a code however being asked to setup MFA again altogether isn't.
Sorry to ask the basics but, are you logging into the same account each and every time? ie. do you have multiple Reckon Portal accounts with us?
0 -
Hi @Rav,
I think I've figured out what's going on now. When the MFA window pops up, and I click on the 'Enter 6-digit code' input, my password manager (1Password) fills in the MFA code, and automatically submits the form. However, it looks like the 'ENTER MY RECOVERY PIN' button is the default submit button for this form, which redirects me to the recovery screen. This happens fairly quickly, so it's hard to work out what's going on, and it just appears as though MFA has been reset, and prompts me to recreate it.
I believe the 'VERIFY' button should be the default submit button for the MFA form, so that anyone using password managers doesn't get automatically redirected to the MFA setup form.
The workaround for now is to hit the browser 'back' button, and paste or enter the 6 digit code manually.
0
