Sophos Central Login: How to remove QR Code and Authentication App requirement

Hello all,

I have a problem login on to Sophos Central. My username and password is accepted, and so is the email received code and my pin.

On the next screen I'm asked to verify my device, presenting a QR code asking me to scan the QR code and enter the revealed security code.

At first I did not have any Authentication App but found Authentication 7 on app store, installed it and got a security code. It did the trick and I was in.

Now, I would like to change the MFA login to only ask for the email transmitted code, so under profile I select to change MFA settings, and in the list of options, Authentication APP is listed twice, and email is listed once. For the two Authentication App lines, there is a bin. Click on the first line bin and the line is removed but when I click the second, it removed not just the line, but also the Email line, and report an error saying at least one authentication method is required, and again lists the Authentication App and a line: Add MFA method. BUT, when clicking the "add MFA method" to be able to select email, I'm logged off and required to login again, thus having to enter not only an email received code, but also have to enter an Authentication App code. All over again... I tried a few times more, but still the same. Over and over again. Something is wrong !

Is it not possible to login to Sophos Central to manage my firewall, without having to install and use an Authentication App on my mobile ?

Many thanks in advance for any help.

Regards

Soren

NB! This is on a Windows 10 Pc, using Brave Browser, with Bitdefender Anti-Tracker and no third party cookies. 



Edit Tags
[edited by: GlennSen at 1:30 PM (GMT -7) on 7 Aug 2024]
Parents
  • Hi Søren,

    Thanks for reaching out to the Sophos Community Forum. 

    While we do suggest using an MFA app as the primary means of authenticating into Sophos Central, I can understand the desire to not have additional apps installed locally. I do suggest keeping the MFA app available as a backup option, should you experience issues with your email. The "Sophos Intercept X Mobile" app does have an authenticator feature, but you can also use something like DUO or other MFA app as you've done.

    When testing this, I was able to switch to the "Email Code + Pin" method by doing the following. 

    1. Log in to Sophos Central
    2. Click the User icon on the top right 
    3. Click Change Password
    4. Click Manage MFA
      1. On the following screen, if the desired MFA method is displayed/prompted, no changes are needed
      2. If you wish to change the MFA method, select "Change MFA Method"

    If the UI is behaving oddly, I'd suggest gathering a HAR log while proceeding through this navigation. This will capture any errors or issues in the browser so that the logs can be shared with Sophos Support. 

    More information on gathering a HAR log can be found in the article below:
    - Access the Developer tools in your web browser and collect a HAR file

    Once you have the logs, please open a support case and let me know the case number via PM.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • Hi Søren,

    Thanks for reaching out to the Sophos Community Forum. 

    While we do suggest using an MFA app as the primary means of authenticating into Sophos Central, I can understand the desire to not have additional apps installed locally. I do suggest keeping the MFA app available as a backup option, should you experience issues with your email. The "Sophos Intercept X Mobile" app does have an authenticator feature, but you can also use something like DUO or other MFA app as you've done.

    When testing this, I was able to switch to the "Email Code + Pin" method by doing the following. 

    1. Log in to Sophos Central
    2. Click the User icon on the top right 
    3. Click Change Password
    4. Click Manage MFA
      1. On the following screen, if the desired MFA method is displayed/prompted, no changes are needed
      2. If you wish to change the MFA method, select "Change MFA Method"

    If the UI is behaving oddly, I'd suggest gathering a HAR log while proceeding through this navigation. This will capture any errors or issues in the browser so that the logs can be shared with Sophos Support. 

    More information on gathering a HAR log can be found in the article below:
    - Access the Developer tools in your web browser and collect a HAR file

    Once you have the logs, please open a support case and let me know the case number via PM.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
  • Hi Kushal Lakhan,

    Thank you for your reply. It is working not as I want it, meaning I can logon to central.sophos.com, without having to use an authentication app. I receive a code by mail, after having entered my username and password, and together with my pin, I'm now logged in to central and can manage my firewall.

    Thank you for your help :-)

    Regards

    Soren