MFA: Inactive user override questions

gsmith · December 11, 2023, 8:52pm

On this MFA page in the docs, it says this:

If a user is inactive for a period of seven days or more, their cookie will expire and they will be prompted for MFA on their next login attempt

I have two questions related to this:

Does this apply to both Classic Universal Login and New Universal Login?
Will a user still be prompted after 7 days if “Never” is selected for “Require Multi-factor Auth” in the policy?

pavan.bn · January 7, 2024, 1:35pm

Hi gsmith,

Thanks for reaching out to Auth0 Community!

For your second question, user will not be prompted for MFA in this case, if the policy is set to “Never” MFA won’t be enforced even after cookie is expires. please refer this document for more information Enable Multi-Factor Authentication

Thanks,
Pavan

Topic		Replies	Views
Multifactor authentication prompt is less than 30 days Help	9	4772	August 29, 2024
Adjust MFA Remember me cookie expiry Feedback login , mfa-devices	2	1883	September 12, 2023
MFA Factors and Policy not prompting user to pick configured factor Help mfa , policies-configuration	2	936	September 6, 2023
Controlling MFA Expiration Time Help auth0 , mfa	2	2660	September 23, 2022
MFA Session Cookie (auth0-mf) Knowledge Articles session-cookie , auth0-mf	1	330	June 26, 2024

MFA: Inactive user override questions

Related topics