two-factor authentication reset by admin

  • 1
  • Idea
  • Updated 3 months ago
I would like the ability as the admin to "reset" a user's two factor authentication much like that for a password reset.  Essentially, to clear out the two factor settings and forcing ShareFile to treat it as a new account and thereby recreate their multi-factor authentication.  I have several calls since enforcing this system wide for my organization whereby users are never given the option to setup two-factor authentication and are essentially locked out of their account. 

ShareFile support tells me the only option is to temporary turn-off "require two-factor on clients", let the change propagate in the system, and call the client back over the phone, have them login with just their password, and make them setup their two-factor authentication. After all that, then go back and turn on the option to "require two-factor on clients".  It's definetly a hassled that could be avoided by just letting me forcibly clear their 2fa and thereby letting them set it back the next time they log in.
Photo of Andrew Wright

Andrew Wright

  • 1 Post
  • 0 Reply Likes

Posted 3 months ago

  • 1
Photo of Brian LeComte

Brian LeComte

  • 28 Posts
  • 11 Reply Likes
I fully agree with Andrew on this idea!  Since the initial ShareFile credential stuffing incident earlier that forcibly reset passwords, ShareFile's security response was to enable 2FA.  The ability to reset/revoke etc per user would be ideal to preserve security