On this MFA page in the docs, it says this:
If a user is inactive for a period of seven days or more, their cookie will expire and they will be prompted for MFA on their next login attempt
I have two questions related to this:
- Does this apply to both Classic Universal Login and New Universal Login?
- Will a user still be prompted after 7 days if “Never” is selected for “Require Multi-factor Auth” in the policy?