OK, so you read all the Hosted Login v2 documentation (well, most of it …) and yet you still can’t get things to work the way you expected to them to. What follows is a list of some of the more common questions that might pop up when implementing Hosted Login v2 and two-factor authentication. Oh, and we also include an explanation of why these problems might have cropped up along with steps you can take to try and resolve them.
Here are the issues addressed in this documentation:
- Why aren’t my 2FA screens appearing -- ever?
- My users were initially required to go through 2FA, but now they’re just logging on without being prompted to enter an access code. What happened?
- How can I hide the Trust this device for future logins checkbox?
- How come my users don’t see the Trust this device for future logins checkbox?
- One of my users (but not all of them) marked their computer as a trusted device. However, the next time she logged on to my site, she had to go through two-factor authentication. Doesn’t a trusted device mean that you get to bypass 2FA?
- Whenever someone creates a new account on my website, they verify their email address, then get asked a second time to verify that same email address. Why?
- According to the documentation, when using two-factor authentication Hosted Login can send an 2FA access code by email or by text message. However, most of my users don’t get to choose between email and text message; instead, access codes are automatically sent by using email. What gives?