Closed warwickgrigg closed 6 years ago
Hi @warwickgrigg
Thanks for your feedback, we found that enable MFA by default is a common use case. We will look for an alternative.
MFA shouldn't be enabled when phone is not selected. I will tag this as a bug
The latest update (v 1.0.13) should have resolved this issue.
MFA is ON by default. (I would have expected OFF):
`awsmobile user-signin enable
enabled: user-signin backend awsmobile project enabled features: analytics, hosting, user-signin
$ grep mfa awsmobilejs/backend/mobile-hub-project.yml mfa-configuration: ON`
If instead I go to advanced settings, de-select phone (I don't need it), it doesn't offer any MFA option, and MFA remains ON
`awsmobile user-signin enable --prompt
? Sign-in is currently disabled, what do you want to do next Go to advance settings ? Which sign-in method you want to configure Cognito UserPools (currently disabled) ? How are users going to login Email ? Password minimum length (number of characters) 8 ? Password character requirements
$ grep mfa awsmobilejs/backend/mobile-hub-project.yml mfa-configuration: ON`
The only way to set MFA OFF is to set phone as an alias (only then is the MFA authentication question asked):
` awsmobile user-signin enable --prompt
? Sign-in is currently disabled, what do you want to do next Go to advance settings ? Which sign-in method you want to configure Cognito UserPools (currently disabled) ? How are users going to login Email, Phone number (required for multifactor authentication) ? MFA authentication disabled ? Password minimum length (number of characters) 8 ? Password character requirements
$ grep mfa awsmobilejs/backend/mobile-hub-project.yml mfa-configuration: OFF `
This doesn't make sense. I suggest that: