I started looking at the MFA on Command Centre and baffled as it is flawed. If my domain account has been compromised, I would be expecting the second factor to be the 2nd line of defence. But no, you can request a new pin that gets sent to your compromised domain account e-mail address. I then looked to see if I can amend my account by adding an external e-mail address, but LDAP pulls this from the domain and can not be edited. By editing the e-mail script we can omit the pin, but I think this hasn’t been thought through by Commvault, considering that backups are supposed to be the last line of defence against a cyber attack the two factor serves only to delay the time it takes for SMTP to deliver a new pin.
Solved
Multi Factor Authentication (MFA) Flaw
+1
Best answer by Anand
Editing in FR25 to mark this as the best (and complete) answer.
Reply
Rich Text Editor, editor1
Editor toolbars
Press ALT 0 for help
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.