Affected Versions: SecureAuth IdP 8.x+
Description: During multi-factor login, duplicate 2-factor methods may appear on the client-side registration methods page. This can include Time-based Passcodes generated on the SecureAuth Authenticate App, Push Notifications, and Push-to-Accept login requests.
Cause: Because these methods require the enrollment of mobile devices (versus phone numbers), the displayed option is associated to a physical device rather than the user's telephone profile information. A common use case is when users acquire new mobile devices and provision them for multi-factor authentication without disabling the previously enrolled device(s) or designating the new device with a unique name.
Resolution: SecureAuth recommends revoking the device's enrollment through the Help Desk page or Self-service Account Update page by unchecking the duplicate device(s) with the older access date in the OATH Devices and Push Notification Devices sections.
Comments
Please sign in to leave a comment.