Forum Discussion
Solved
MFA with FIDO2 without mobile phone (no SMS or MS Authenticator)
Hello, I would like to use a FIDO2 key for authentication. I configured the authentication settings to use it. If the user already has an existing MFA (e.g. MS Authenticator), the FIDO2 key works v...
I have found the solution. It was an old setting. As soon as I deactivated the selected settings, I was no longer asked for additional information.
Temporary Access Pass was designed for this scenario - onboarding to FIDO2 as the only additional authentication method. As for why users are getting prompted to register other additional authentication methods, you'd need to check your policies for MFA and SSPR.