Skip to main content

Allow users to reset their password even with 2FA required

Completed

Comments

4 comments

  • Official comment
    Ron Hagag

    We are happy to announce that beginning with release 12.7, Cerberus FTP server support self-service password reset for 2FA authentication.

    Read more about it here - 2FA password reset

    And access the complete release notes here  to read about additional features and improvements in this version

  • Paul Jackson

    Although I agree with this in principle, I think it needs to be a bit stronger than this.

     

    Users should require to configure a secondary way to complete the 2FA should they have an issue with their prefered option, for example, if a user has lost access to their mobile app, they should be able to request a pin number/code to be sent to their registered email address to gain access. to simply allow someone to re-set their 2FA with a disclaimer makes 2FA a bit pointless.

    1
  • Jessica Booker

    Is this something that Cerberus is looking into. With Hundreds of users for our company it is time consuming to have someone basically manage passwords even though there is a capability to manage yourself... Only if you lower the authentication settings.

    0
  • Mark Kaprow

    The application should require the current code from the Mobile Authenticator app and if verified allow the password reset in place, without mailing a link.

    0

Please sign in to leave a comment.