MFA time, where to configure?

PatrickRQ · December 15, 2023

Hi,

Where I can modify MFA timeout for google? It is a bit annoying to reach phone every 1h or less.

I also ask to lift my posting moderation finally.

Marc · December 15, 2023

There is nowhere in which to change timeouts for this at the present time. You can only set that for all 2 factor. So go to 2 factor authentication>Settings, and you will see how often it should ask there.

PatrickRQ · December 19, 2023

It does nto work well because of this

"The user will always be prompted again on a new session." and this

as long as I am unable to configure ACP session timeout the MFA timeout is useless.

Jim M · December 19, 2023

10 hours ago, PatrickRQ said:

It does nto work well because of this

"The user will always be prompted again on a new session." and this

as long as I am unable to configure ACP session timeout the MFA timeout is useless.

The two operate independently of one another. 2FA timeout would come up even if your session is active. I.E. 2FA timeout was set to 1 minute, you would be prompted every 1 minute when accessing those items.

With that in mind, we are looking into the ACP timeout still.

PatrickRQ · December 19, 2023

I have set 2FA timeout to 12, then changed to 1 day.. I am still prompted to fill 2FA security code every 1h. I connected it because you say 2FA is being reset once session ends. So, if ACP session is closed (after default 1h) the 2FA still will be requested.

Edited December 19, 2023 by PatrickRQ

Jim M · December 20, 2023

1 hour ago, PatrickRQ said:

I have set 2FA timeout to 12, then changed to 1 day.. I am still prompted to fill 2FA security code every 1h. I connected it because you say 2FA is being reset once session ends. So, if ACP session is closed (after default 1h) the 2FA still will be requested.

Keep in mind 2FA will also prompt on login once the session is terminated. However, if you set 2FA to 1 min then every 1 min you will be prompted for 2FA. However, if you set it to 1 day and the session ends, it will still prompt you if you require 2FA as a part of your login.

PatrickRQ · December 20, 2023

Yeah, that's why I said I can't make an use of 2FA timeout because ACP session timeout is not respected.

Marc · December 20, 2023

Are you referring to when you are logged in, or after your session is terminated as my colleague mentioned? If its after the session is terminated, then that is by design

PatrickRQ · December 20, 2023

What I mean is that the ACP session timeout setting does not work SO when it gets terminated after default 3600 seconds the 2FA timeout setting has no effect if I want to set it greater than 3600 seconds.

In other words, one bug affects two features.

Edited December 20, 2023 by PatrickRQ

Jim M · December 20, 2023

1 hour ago, PatrickRQ said:

What I mean is that the ACP session timeout setting does not work SO when it gets terminated after default 3600 seconds the 2FA timeout setting has no effect if I want to set it greater than 3600 seconds.

In other words, one bug affects two features.

Think we're splitting hairs at this point 🙂 . The 2FA timeout is functioning as it should, if it is prompting you again on login. However, the ACP timeout is the real issue here. We will continue to inspect that in the proper topic and that will resolve the issue here as well.

Invision Community 4: SEO, prepare for v5 and dormant account notifications

Invision Community 5: Beta testing and latest updates

Invision Community 4: A more professional report center

Invision Community 5: A video walkthrough creating a custom theme and homepage

MFA time, where to configure?

Recommended Posts

PatrickRQ

Marc

PatrickRQ

Jim M

PatrickRQ

Jim M

PatrickRQ

Marc

PatrickRQ

Jim M

Recently Browsing 0 members

More