The following is list of operations that triggers a PIN that must be verified for the changes to take effect.
Note
A user who initiates the operation will receive the verification PIN through their authenticator app. If an authenticator app is not configured, you can choose to have the PIN sent to the email instead.
| Operation | Entity | Description |
|---|---|---|
| Reset a password | CommCell | When an administrator attempts to reset another user's password and when a user attempts to change own password |
| Reset a secret key/QR code | CommCell | When an administrator reissues a secret key for two-factor authentication. |
| Email adddress | User | When a user attempts to changes another's email address. |
| Data privacy | CommCell | when you enable or disable data privacy at the CommCell level. |
| Two-factor authentication settings | CommCell | When any two-factor authentication settings are modified. The settings include Two-factor authentication, Allow passwordless login, Allow usernameless login. |
| Enable or disable two-factor authentication | CommCell, Company | When you enable or disable two-factor autnetication at the CommCell and company level. |
| Allow user to manage two-factor authentication | CommCell, Company | When you allow or stop users to configure web authenticator themselves to manage two-factor authenticator. |
| Limit login attempts | CommCell | When you enable and disable the setting to limit the user login attempts. This includes the following settings: Failed login attempt limit, Failed login attempts within, Account lock duration, and Enable duration increment on consecutive account lock. |
| Multiple company members at the user group level | CommCell | When you enable or disable the setting to allow multiple company members at the user group level. |
| Update user group with two-factor authentication enabled | User group | When you attempt to modify a user group with two-factor authentication enabled. |
| Login after 90 days | User | When a user without two-factor authentication enabled attempts to log on after 90 days from the previous successful login. |
| First time login with two-factor authentication | User | When a user with two-factor authentication attempts to log on for first time to set up the QR code, a PIN is generated. |