We have been using MFA along with default settings (so set allowRememberBrowser to false ).
It worked fine at the time, but to input OTP every time would be a hassle for users,
so we try setting it to allowRememberBrowser: true.
The authentication succeeds if checking “Remember this device for 30 days” in the OTP screen.
However, if unchecking it, user cannot be authenticated. (We got “isAuthenticated = false” in our code with auth0-react after redirecting to our application.)
I tried the setting back to allowRememberBrowser: false, but the same problem occurred. (In other words, it doesn’t work properly until checking “Remember this device for 30 days”, so we have to set allowRememberBrowser to true).
I can’t figure out what the problem is.
How do we fix this?
I’ve found the same behaviour and we can’t log in with MFA unless we check “Remember this device for 30 days", otherwise login with MFA doesn’t work and send you back to the login page.
This issue has been open since Dec’21, do you have any update or how to fix it?
Currently using auth0-react: 1.9.0 with react 18.2.0;
I have a React app with an Auth0 login management using only Google Workspace connection. 2FA is currently enforced (email or authenticator). When the ‘remember’ checkbox is left unchecked on login, the user is redirected back to login after what seems of about 0.5 sec of being logged in. This loop persists until the checkbox is checked at which point the app starts behaving as expected.
How is that a solution? If I require users to have 2FA enabled does that mean they will constantly be logged out unless they choose the option to ‘Remember device for 30 days’ ?
That doesn’t really make it an option then does it?