Two factor authentication
-
Some of our user are randomly losing two factor authentication.
we set them up to use authenticators and one day they'll just be able to sign in without using one.
would anyone know what would cause that?
-
Arron Staff
What version of MDaemon are you using?
What webmail theme are they using?
When you set up users with two factor authentication, are you configuring accounts so that two factor authentication is "allowed" or "required"?
When the user is able to sign in without using two factor authentication are the two factor authentication settings for the account still configured correctly?
What does the webmail log show when this happens?
Are the users enabling remember me for two factor authentication?
-
Thank you for the quick reply.
we are using version 24.5.0 and the theme is lookout.
TFA is allowed and not required.
the TFA setting disappears when the lose it. Its as if they were never configured.
and remember me is enabled. (meaning broswer remembers id and password.)
we couldnt check webmail log the users dont remember exactly when it happened.
Thank you
-
Arron Staff
Just to confirm, when the setting disappears, if you go to Account Manager / Select the Account / Edit / Web Services, is the box for "Allow Two-Factor Auth" Still checked?
Is the button for "Disable Two-Factor Authentication" still enabled? Can you send a screen shot of the settings for the user after the settings disappear?
In the MDaemon\WorldClient\domain.ini file, what sections have a TwoFactorAuthAllowed= setting and what value is configured for each?
If you check the MDaemon\Users\$DOMAIN$\$USER$\WC\User.ini file, What is the value for TwoFactorAuthAllowed in the [User] section?
Are there any Groups & Templates applied to the accounts having this issue?
Is there anything on the machine that might be overwriting changes in the domains.ini or User.ini files?
I haven't found anything that might be causing this yet.
-
thank you for the reply.
we'll look into it little more and get back to you with our findings.
oh just one other thing. Would Crowdstrike cause conflict? But it's kind of weird that it's not all the time for all users but some users.
-
Leigh Staff
Hi Paul,
I cannot think of a way that Crowdstrike would cause Two Factor to act like it's not enabled; it seems like it would cause a failure to log in instead.