I am an admin at my company using the Auth0 platform who is mostly responsible for handling issues with reseting Two Factor Authentication.
I currently have a user that cannot access the guardian application on their mobile device.
The message we encounter is,
“Seems like the security settings of the device have been changed. In order to protect your information we need to validate your identity. Please enter your recovery passphrase to continue.”
There does not appear to be any other options to change this. I have attempted to change their password under one of our tenants, but that did not work.
I can’t seem to locate and option to reset this passphrase, is there an easy way of doing this or does it require a more in-depth fix?
This allows them to set up a new instance of Multi-Factor Authentication, but the main issue is with the Guardian application on their mobile device.
The message I posted is on their Guardian application on their mobile device and will not allow for any other options.
They do not remember their passphrase that the application is requiring that they enter to set up a new Multi-factor Authentication connection within the Guardian application.
We used the Google Authenticator application and SMS for our other program, but we would like for them to use the Guardian application for our internal systems.
It sounds like the app has cached a profile. Have they tried reinstalling? If that doesn’t work can you try looking at the app’s properties and make sure all data is cleared.
We had uninstalled the application twice before submitting this ticket.
However, to insure that I covered all of the bases and performed the following,
Cleared the cache for the Guardian application on their mobile device.
Cleared the storage for the Guardian Application on their mobile device.
Then uninstalled the application and re-installed the application.
After opening the Guardian application, it still presented us with the request for a passphrase. This appears to be a passphrase that is tied to the application and security through android as this happened after the device was replaced.
Is there a method to reset this passphrase or is there a way to set up the Guardian application on a mobile device with a passphrase initially, and then have that passphrase for security purposes if the device is lost, stolen, or replaced?
I am seeing multiple support cases of this same behavior where deleting, clearing app data and resetting MFA solves the problem. It sounds like you have already tried those steps. It is important to do the reset before you reinstall, if you haven’t tried that, I would suggest trying it again.
I am going to continue to look into this further and make sure there isn’t another issue you could be running into.
If a user uninstalls then later re-installs Guardian, they may be prompted to enter their recovery code. If the recovery code has been lost, the user can perform a new installation of the app by disabling automatic restoration of their Guardian backup. To do so, the user will need to uninstall Guardian, temporarily disable automatic restoration of backups within their device settings (steps to do so will vary according to the device), then re-install the app. They will then need to add their MFA account(s) to the app as if performing a first-time setup. If automatic backups or automatic restoration are not enabled on the user’s device, re-installation of the app will not prompt for a recovery code and the user will be required to add their MFA account(s) as in a first-time setup.
It looks like there may be a lingering cloud backup causing this.
We followed the steps you gave to us and turning off the automatic restoration of backups resolved the issue.
We installed the application after turning the feature off and we were able to circumvent the original passphrase and set up new instances of Multi Factor Authorization.