May 29 2020 06:19 AM - edited May 29 2020 07:22 AM
Hi,
We want to make sure that MFA is prompted every 24 hours. What we did is that we put the parameter :allow users to remember multi-factor authentication on devices they trust at 1 day. We want the MFA to be prompt every 24 hours because we want to use Azure MFA with our VPN solution as the second factor.
Now the problem is that the 24 hours used in the remember parameter is a real 24 hours so if you performed your MFA at 1 pm it will be asked again at 1pm the day after. What should we do to have a better user experience. Modify token lifetime?
Like if your a in a middle of a teams reunion and you forgot that your MFA will expire in like 10 mins, you will lost connection. I know, users should just refresh their MFA every morning but you know they tend to forget....
May 29 2020 07:11 AM
@Frederick_Po See this article for different approaches https://janbakker.tech/2020/05/22/sure-keep-me-signed-in-and-dont-prompt-for-mfa/
May 31 2020 12:30 AM
Jun 01 2020 01:05 AM