User can reset MFA after using the lost device code

Hi,

We have MFA with Google Authenticator enabled for our users. There does not seem to be a way to have the users switch to a new device. We can use the code to log in if we lost our device, but we cannot let users reset the MFA to have a new QR code for a new phone.

  1. When I lose my phone as a user, I can enter the app by providing the code that we got when first registering with Google Authenticator. If using this code, a reset of the MFA could be triggered here.
  2. When switching devices, a user can provide the current GA code. An option to switch devices could possibly be available here as well. Though using the code like above could be enough to switch.

Auth0 could provide this functionality. Though I’m also aware that we can implement this through the API and use some kind of self service application. We kinda expected the lost your device code to have a way to let users reset it themselves…

Kind Regards,
Jan

1 Like

Hey there!

Sorry for such a delayed response! We’re doing our best in providing you with the best developer support experience out there but sometimes our bandwidth is just not enough for all the questions coming in. Sorry for the inconvenience!

Can you let us know if you still require further assistance from us?