Create a process that permits a user to request an MFA reset likened to a Password Reset

cisagov / crossfeed

External monitoring for organization assets

https://docs.crossfeed.cyber.dhs.gov

Creative Commons Zero v1.0 Universal

368 stars 54 forks source link

Create a process that permits a user to request an MFA reset likened to a Password Reset #810

Open cablej opened 3 years ago

cablej commented 3 years ago

Create a process that permits a user to request an MFA reset likened to a Password Reset.

When a Crossfeed participant changes mobile devices they will need to update their MFA device. As a designer, I need to ensure our participants are able to request an MFA reset that updates the backend (cognito) and triggers MFA setup for existing user profile again.

dmfezzareed commented 8 months ago

@schmelz21 Please give this a once over. Let me know if you need more information. I'll work on matching SNow tracking later.

dmfezzareed commented 8 months ago

@schmelz21 I ran into this issue yesterday with a Phase-1 enrollee. I had to delete his profile in Cognito and then in Crossfeed, then Invite him in Crossfeed so that he could start the account activation process over again just to reset his MFA. Granted this worked, but its overkill IMO.