Skip to content

Settings and activity

1 result found

  1. 9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Koti Karthick Kumar Vankayala supported this idea  · 
    An error occurred while saving the comment
    Koti Karthick Kumar Vankayala commented  · 

    I work as a senior Identity and Access management consultant. And my recommendations are below,
    1. If a user checks the box - trust my device then trust the device and skip MFA for next login
    2. If the duration of next login is more than 3 days ideally considering the weekend, ask for MFA again else keep skipping the MFA. This is like Idle time in the login behaviour.
    3. Consider refreshing MFA every 30 days. This means even if the user is regularly logging in force them to MFA after 30 days. This is max MFA duration.

    I can provide clearer instruction if required.

    Cheers.