Remember this device
Where a Two-Factor Authentication user logs into the Dashboard, they have the option to Remember this device at the security code login screen. This records the computer and web browser as one of the users Two-Factor Authentication (2FA) trusted devices.
Once enabled, the user is not prompted to enter their 2FA security code when accessing the Dashboard from this computer and web browser for the next 14 days.
At the end of this 14-day period the user is prompted to enter their 2FA security code each time they log in, unless they again opt to Remember this device and enter their 2FA security code to confirm.
The trusted device state is tied to the computer and web browser combination. If the user attempts to login to the Dashboard from the same computer but with a different web browser, they are prompted to enter their 2FA security code. Unless Remember this device is also enabled for that web browser.
Please be aware that the computer and web browser's trusted device status is cookie based and anything that prevents the web browser from reading the cookie will require the security code. For example, accessing the Dashboard from an incognito tab on the trusted web browser and computer.
If the cookie is removed (for example the web browser's cache is cleared) the trusted status is revoked, and the user cannot perform any actions that require password authentication. The next time the user logs into the Dashboard they are prompted to enter their 2FA security code and can opt to Remember this device.
Revoke Trusted Devices
Depending on the situation, it may be necessary to revoke the trusted devices registered for the user, without affecting their other logon settings. For example, where a trusted device was stolen.
User Accounts Dialog
- Log into the Dashboard using an account with Users permissions enabled
- Go to Settings > Users > User Accounts
- Multi-select the target users (use Shift and left-click to choose a range of users or Control and left-click for individuals)
- Right-click on one of the selection (or from the User drop-down)
- Choose Two Factor Authentication then Revoke Trusted Devices
- Click Revoke in the warning dialog to proceed
A green tick now appears in the R/T (Revoke Trusted Devices) column against the user.
Cancel Revoke Trusted Devices
To stop this revocation action, navigate to the User Accounts Two Factor Authentication menu (as above) and choose Cancel Revoke Trusted Devices before the user logs in.
Navigator Bar User Action
Revoke Trusted Devices is also available for the user to manage from the top navigator bar.
- Click on their name in the top navigation bar
- Choose Revoke Trusted Devices
- Select Revoke All Devices
- Click Continue to return to the Dashboard
Five minutes after the revocation action is authorized, the users active Dashboard session is canceled. Where the user is currently logged in, they can continue to view the Dashboard but cannot perform any actions that require password authentication.
The next time the user attempts to access the Dashboard from one of their previously trusted devices and web browsers they are prompted to enter their Two Factor Authentication security code.
User Accounts Dialog
Navigator Bar - User Action