Allow Customization of the MFA Remember Browser Period

Feature: Make default 30-day MFA Remember Browser Period Customizable.

Description: Currently you can either have users having to go through MFA checks every time they log in or once every 30 days.

It’s required for this number of days figure to be configurable.

Use-case: We are in the fintech domain and there are some trading institutions that require daily MFA requests. They would want to make sure that the MFA is needed only once a day.

When building a white-labelled product, it’s a value addition to have this figure configurable.

Thank you for creating this feedback card! Make sure to upvote and I really hope it will attract as many votes as possible!

Going further, we’d love to see the option for a session-based MFA, that also expires with inactivity timeout.

Right now, the configurable inactivity timeout applies to the entire login session. Best is to persist 1FA (long lived login) but prompt for MFA on inactivity timeout or backgrounded session etc.

1 Like

Thank you for adding this piece of context @dco888 !

Any updates about this feature request?

I also would like to use this feature. 30 days is too long and risky.