Cannot remove MFA cleanly from dashboard admin

Related thread: Tried removing MFA for dashboard admin, now can not switch tenants

Similarly to the folks in the thread above, as a dashboard admin, I found that I couldn’t alter the MFA device for my login to the Auth0 platform. So, I tried to switch off MFA and then re-enable instead. However, switching off the MFA ended up in a mess: I’ve now ended up in some odd halfway-house where my MFA device isn’t registered but MFA is switched on (or so it seems).

So, now the only way for me to login is with my MFA recovery code every time I login (which of course is then invalidated and reissued as a new recovery code that I then have to record) - I don’t get prompted for an actual MFA code from my device at all.

Needless to say, this is a nuisance.

To add confusion to the matter, I’ve attached an image of what the MFA section of my profile in Auth0 now looks like. Clicking on either of the “Finish Enrolling Device” buttons just results in a popup where I have to enter my latest MFA recovery code again only to end up back at the Auth0 website with nothing changed.

Does anyone have any guidance on untangling this please? Thanks.

Hi @kelveden,

I am looking into this for you. I’ll report back here with any updates.

Thanks,
Dan

@kelveden,

Can you please DM me with the tenant name and email address of the admin account. Thanks.

Dan

Hi @dan.woda
I also have the exact same issue as @kelveden and need to have MFA turned off
I’ll dm you with details

Cheers,
Mike

1 Like