For better security, all of our Tenant members have now activated TOTP (One-time) MFA and use 1Password for the one-time code.
However, we received a notification saying “Pro MFA has exceeded your plan limit for this month” and “Users that completed MFA using DUO or OTP apps like Google Authenticator, counted per calendar month, per tenant.”
The wording for “Users that completed MFA using DUO or OTP apps like Google Authenticator” seems a little ambiguous: are tenant members that use any TOTP (one time code) considered a Pro MFA method?
In the quota report it states that 1 user is using Google Authenticator.
@tyf could you explain why all types of Multi-factor Auth are considered “Pro” features even though it is a common security practice to offer MFA these days?
Also, do both Auth0 admin/tenant and regular user accounts count towards the same limit?
@tyf We’re turning off MFA methods for tenant members as we’re not 100% sure whether the screengrab you disclosed also directly correlates with MFA options for tenant members.
It might be easier if you could disclose a bulleted list of all MFA methods for tenant members that highlights which methods are not Pro/Enterprise and which are Pro/Enterprise.
Thanks @tyf. I couldn’t see anything in the latest link you shared which mentions Pro/Enterprise MFA for tenant members.
Sorry for the confusion here - Pro/Enterprise MFA relates to end user usage and not tenant members. Tenant member MFA is treated separately.
To clarify: are any of the tenant MFA options classed as Pro/Enterprise MFA? And if so, can you please simply give us a bulleted list of the tenant member options which are Pro/Enterprise MFA?
Both Pro and Enterprise MFA apply only to your users (end users). There are no MFA restrictions on dashboard admins setting MFA for their Auth0 user profiles.