View Users OTP code missing since firmware upgrade to 18.5.2

Question

Hello, since upgrading my XG230 firewalls to 18.5.2 I can no longer go to the MFA settings in the admin portal and retrieve end user MFA codes. Has this been removed or moved to another section in the XG?

This thread was automatically locked due to age.

LHerzog · Accepted Answer

https://community.sophos.com/sophos-xg-firewall/f/discussions/131468/sophos-firewall-v18-5-mr2-feedback-and-experiences/484223#484223 
 there's a good answer from RichBaldry about OTP codes removed.

Vishal_R · Answer

Hi Liam Evans : Thank you for reaching out to the Sophos community team. That setting has been removed due to security reasons - Any method that encourages Administrators to pre-generate soft token initialization codes and print out the QR codes, or distribute them through some other means, is inherently insecure. 
 So from V18.5 MR-2 onwards, If OTP is on for users then the user requires to self-initialize their OTP by logging on first to the User Portal with their username and password.

View Users OTP code missing since firmware upgrade to 18.5.2

Top Replies