Is it possible to disable the email users receive when failing to enter the 6 digit two-factor authentication code?
To clarify when a user enters their login info they need to enter the 6 digit code after their password. Failing to do so will send an email to the user with a one time login code that is viable for 30minutes.
I would like to disable this email being sent when failing to enter the authentication code upon login.
Is this possible?
Page 1 / 1
Hi @Noobvault
Thank you for the question.
On reading case history, it appears there is no way to disable the email from being sent.
What is the particular use case for preventing this email being sent?
I would expect if the PIN code entered incorrectly (either by the correct user or impersonator) the user would expect the email - either to allow login successfully or to alert to unexpected login attempt?
Thanks,
Stuart
@Noobvault, you can prevent sending PIN out by modifying email template Two Factor Authentication.
Remove $PIN$ variable and/or adjust email content to your needs.
Thank you for the answers.
Yes editing the mail will get rid of the pin. However the users now receive an email that is just considered “unnecessary noise” since they have already been warned of the Two Factor Authentication with a popup in the GUI.
So the only reason to prevent the mail is to create less “noise” for the users.
@Noobvault , following up to clarify your reply. Do you have the answer you were looking for, or do you need more information?
Thanks!
Hello everybody,
Are there any news on this issue? I also want to disable the mail after failed login with two factor authentication and would like to know if this is possible.
Thanks,
Regards, Thomas
I know this is an old thread, but thought it could help others asking the question again.
Do we have a way on 11.28 and onward to disable Email PIN via command center / qoperation script or something that does not require the workaround of editing the email provided on this thread? Do you know @Onno van den Berg ?
Thanks
there is an additional setting “DisableTFAEmail” dont know if it will solve this issue.
I don’t see the point of 2fa at all if all you need to do is get a user’s password and attempt a login without a pin, and then the commcell sends you a pin anyway?