MFA Reset Request Process Summary
The aim of this FAQ is to help both you and us in handling MFA resets request in a more convenient and faster way.
In general, it’s important to enroll in multiple MFA methods for Dashboard Admins, and leverage the ability to regenerate the recovery code.
The following factors can be configured from the Profile page, and we highly recommend to enroll at least 2 of them and as many as possible:
- WebAuthn with FIDO security keys : WebAuthn roaming authenticators are removable and cross-platform, like a Yubikey, and can be used on multiple devices. To authenticate with a roaming authenticator, users must connect the authenticator to their device (through USB, NFC, or Bluetooth) and provide proof of presence (by touching it, for example).
- WebAuthn with device biometrics : WebAuthn platform authenticators are attached to a device and work on that device only. Examples are the MacBook Touch Bar, Windows Hello, iOS Touch ID or Face ID, and Android fingerprint or face recognition. Because they work on the attached device only, a user must have at least one other factor enrolled in their profile before enrolling device biometrics.
- Push notification via Guardian : Sends push notifications to a user’s pre-registered device, typically a mobile phone or tablet. The user can immediately allow or deny account access with a button press. The push factor is available with the Guardian mobile app for iOS and Android.
- One-time passwords (OTP) : Allows a user to use an authenticator app (such as Google Authenticator) on their personal device. The app generates an OTP that changes over time and can be entered as a second factor to validate the account.
- SMS notification : Sends a one-time code over SMS. Auth0 then prompts the user to enter this code before they can complete authentication.
Please make sure your Recovery Code is stored in a secure place, like a password manager. If you haven’t done so already, you can regenerate your Recovery Code to store it now.
Filing a MFA Reset Request:
Please do follow this steps once you need to make such request
If you are using a free account
- Send @support a private message with
- The email address of the account
- Once it’s submitted, we’ll open a support ticket and someone from our Developer Support Team will verify the request and proceed.
If you are on a payed account
- Open a support ticket describing what happened and attaching your tenant name and tenant admin email address
- From then on someone from Developer Support Team will confirm your identity and handle the rest for you.
- If you do not have access to support.auth0.com, you can follow the instructions for the free plan.
Thank you for your co-operation!
Supporting Documentation: Managing Auth0 Dashboard Admins and MFA
Video Tutorial
