I had a problem logging into Sophos Central as my authenticator code would not be accepted and I was blocked for 30 minutes. This has worked normally upto this week. I am not sure at which date exactly I last logged in succesfully, but normally it is weekly.
I contacted Sophos Support and the answer was to wait for the 30 minutes to pass and try again. I tried again but this time I clicked Change MFA method and noticed I had 4 options:
- Sophos/Google Authenticator
- Sophos/Google Authentiator
- Email my email adress
- Phone and model
The authenticator code that works is the Phone and model one. So I removed the 2 Sophos/Google Authenticator entries and now I can login normally.
I contacted Sophos Support again with the question where these double Sophos/Google Authenticator came from and with the question if my credentials where compromised. According to Sophos my credentials were not compromised, but I know I did not add additional MFA authenticator apps to my login without specifying a name (which gives Sophos/Google Authenticator as default name) so I asked for an explanation.
Changed my password and MFA
I have not heard from Sophos Support yet.
Anyone else had similar issues recently?
This thread was automatically locked due to age.