Jump to content

MFA time, where to configure?


PatrickRQ
Go to solution Solved by Marc,

Recommended Posts

10 hours ago, PatrickRQ said:

It does nto work well because of this

"The user will always be prompted again on a new session." and this 

as long as I am unable to configure ACP session timeout the MFA timeout is useless. 

The two operate independently of one another. 2FA timeout would come up even if your session is active. I.E. 2FA timeout was set to 1 minute, you would be prompted every 1 minute when accessing those items.

With that in mind, we are looking into the ACP timeout still.

Link to comment
Share on other sites

I have set 2FA timeout to 12, then changed to 1 day.. I am still prompted to fill 2FA security code every 1h. I connected it because you say 2FA is being reset once session ends. So, if ACP session is closed (after default 1h) the 2FA still will be requested.

Edited by PatrickRQ
Link to comment
Share on other sites

1 hour ago, PatrickRQ said:

I have set 2FA timeout to 12, then changed to 1 day.. I am still prompted to fill 2FA security code every 1h. I connected it because you say 2FA is being reset once session ends. So, if ACP session is closed (after default 1h) the 2FA still will be requested.

Keep in mind 2FA will also prompt on login once the session is terminated. However, if you set 2FA to 1 min then every 1 min you will be prompted for 2FA. However, if you set it to 1 day and the session ends, it will still prompt you if you require 2FA as a part of your login.

Link to comment
Share on other sites

What I mean is that the ACP session timeout setting does not work SO when it gets terminated after default 3600 seconds the 2FA timeout setting has no effect if I want to set it greater than 3600 seconds.

In other words, one bug affects two features.

Edited by PatrickRQ
Link to comment
Share on other sites

1 hour ago, PatrickRQ said:

What I mean is that the ACP session timeout setting does not work SO when it gets terminated after default 3600 seconds the 2FA timeout setting has no effect if I want to set it greater than 3600 seconds.

In other words, one bug affects two features.

Think we're splitting hairs at this point 🙂 . The 2FA timeout is functioning as it should, if it is prompting you again on login. However, the ACP timeout is the real issue here. We will continue to inspect that in the proper topic and that will resolve the issue here as well.

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...