2FA prompt doesn’t appear for configured users

  • The non-paid plugin version (= no remember this device) used to work fine until about 2 weeks ago roughly. I’ve received a customer hint that he ain’t ask for his 2F code anymore.

    Using the “log in as”-plugin which so far respected 2FA all along including blocking me from customer view due to missing 2nd factor, Now I can suddenly access those pages without being prompted for 2F, just like my customer.

    Did you accidentally include remember my device with the unpaid version or do we have a security issue here?

    best regards,

    Sven

    • This topic was modified 1 year, 9 months ago by Sven71.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Contributor robertabela

    (@robert681)

    Thank you for using our plugin Sven.

    I am sorry to read about your issue. I can confirm that the trusted devices feature is not included in the free edition.

    Off hand it is difficult to tell what could have happened on your customer’s website. There are a few things to check:

    1. Is the plugin still activated and running?
    2. Do they know what this stopped working? Was is exactly after the upgrade?
    3. Did they change anything else since this used to work, like the theme, login page URL, or install some security plugin?
    4. In the users’ profile page, can you see the 2FA options and if the 2FA has been setup?
    5. If you create a new user, can you set up 2FA?

    The more information you can share with us the better we can understand the context of the problem.

    Looking forward to hearing from you.

Viewing 1 replies (of 1 total)
  • The topic ‘2FA prompt doesn’t appear for configured users’ is closed to new replies.

Tags