Settings and activity

1 result found

1. MFA: Remember 'Trust this device' setting after 24 hours

   8 votes

   vote vote vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   vote

   We’ll send you updates on this idea

   7 comments  ·  For small businesses » Settings & user roles  ·  delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close
   submitted  ·  AdminEthan M (Admin, Xero) responded

   
   

   Koti Karthick Kumar Vankayala supported this idea  ·  15 December, 2023
   An error occurred while saving the comment
   Koti Karthick Kumar Vankayala commented  ·  15 December, 2023  ·  Edit…  ·  delete…

   I work as a senior Identity and Access management consultant. And my recommendations are below,
   1. If a user checks the box - trust my device then trust the device and skip MFA for next login
   2. If the duration of next login is more than 3 days ideally considering the weekend, ask for MFA again else keep skipping the MFA. This is like Idle time in the login behaviour.
   3. Consider refreshing MFA every 30 days. This means even if the user is regularly logging in force them to MFA after 30 days. This is max MFA duration.

   I can provide clearer instruction if required.

   Cheers.

   Save Submitting...