Problem statement
As a tenant administrator, I need to reset MFA for a user who enrolled with Duo factor. The Auth0 dashboard doesn’t show information to reset the MFA for users enrolled with Duo MFA. How to do it?
Solution
Duo is a third-party MFA provider. To reset MFA for a user who enrolled with Duo MFA, you need to do it on the Duo Dashboard. When a user enrolls with Duo MFA, Auth0 creates a user record on Duo with the following format.
- Convert the Auth0 user id to Base-64 encoded format
- Convert the encoded hash to lowercase.
For example:
Auth0 user id: google-oauth2|107989355747066500000
Duo username: z29vz2xllw9hdxromnxyyw5kb20tc3rxxxxx
Resetting the MFA on the Duo dashboard will prompt the user to re-enroll for MFA when they log in next time.