Hosted Login v2 troubleshooting

Common questions (and answers to those questions) that might arise when implementing Hosted Login v2 and two-factor authentication.

Hosted Login v2 troubleshooting

• 2FA screens don't appear as expected
  A few things to check: Are you using Hosted Login v2? Have you enabled two-factor authentication? Are you using the right OpenID Connect login client?

• 2FA seems to have stopped working
  Often-times this simply means that your users are logging on with trusted devices. Try changing the authentication.second_factor.trust_device_ttl client setting value and see what happens.

• Prevent users from trusting their devices
  Simply hide the Trust this device for future logins checkbox.

• New users must verify their email address twice
  This typically occurs because you enabled two-factor authentication without also updating the traditional registration and social registration forms.

• Users can't get their access codes by text message
  Users can’t get an access code sent via text message unless those users have a verified mobile device number in their user profile.

• Users are unable to trust a device
  This usually means that the authentication.second_factor.trust_device_ttl application client setting is set to 0.

• Users don't see the "Back to App" button
  Two possible reasons for this: 1) you aren’t running Hosted Login v2; or, 2) you didn’t include the redirect_uri in the link users click to open their user profiles.

• A trusted device still goes through 2FA
  This could be because the user isn’t actually logging on from a trusted device. Alternatively, the trusted device lifetime could have expired.