This article explains a known behavior where an Administrator may see a "403 Forbidden" error. This can be seen if an account has MFA (multi factor authentication) enabled for selected users, and if an Administrator who is not on that list, Selects the "Manage Login Settings" option.
This is expected behavior for any administrator who does not have MFA enabled and they select "Manage Login Settings:
The following sections are covered:
Applies to the following Sophos products and versions Sophos Central Admin
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.