Skip to main content

I started looking at the MFA on Command Centre and baffled as it is flawed. If my domain account has been compromised, I would be expecting the second factor to be the 2nd line of defence. But no, you can request a new pin that gets sent to your compromised domain account e-mail address. I then looked to see if I can amend my account by adding an external e-mail address, but LDAP pulls this from the domain and can not be edited. By editing the e-mail script we can omit the pin, but I think this hasn’t been thought through by Commvault, considering that backups are supposed to be the last line of defence against a cyber attack the two factor serves only to delay the time it takes for SMTP to deliver a new pin.

@dude :

Already did few months back they don't have any way apart from modifying the email template .


TFA email can be disabled using this Additional settings. If set at commcell level, it will disable for all the users that belongs to the commcell. 

Name: DisableTFAEmail

Category: CommServDB.Console

Type: Boolean

value: true

 


@Mohit Chordia , if you open a support case, share it here and I’ll split your query into its own thread.


TFA email can be disabled using this Additional settings. If set at commcell level, it will disable for all the users that belongs to the commcell. 

Name: DisableTFAEmail

Category: CommServDB.Console

Type: Boolean

value: true

 

@Nipa 

Thank you . This is working.


Reply