Untrust a device
Typically a user selects a checkbox like Trust this device for future logins because he or she wants to minimize the number of times they have to deal with two-factor authentication. Needless to say, thatโs the whole idea behind trusted devices in the first place.
Nevertheless, itโs possible that a user might want to โuntrustโ a device and, by doing so, reinstate two-factor authentication. Depending on how you look at it, thatโs a problem: thereโs no way to deselect the Trust this device for future logins checkbox. In fact, after youโve trusted a device you wonโt see that checkbox again (at least not until the two-factor TTL has expired). Similarly, you canโt untrust a device by updating your user profile: user profiles donโt have anything to do with trusted devices.
As noted elsewhere, however, one of the ways that Hosted Login identifies a trusted device is by using cookies. If a user really wants to untrust a device they can do this:
-
Make an authorization request and go to the Hosted Login sign-in screen.
-
Delete all the cookies associated with the sign-in screen.
Doing that retriggers two-factor authentication and results in the following:
That said, we donโt recommend that users do this: deleting all your cookies will also make it impossible to log on to the site, at least at that particular moment. (To log on youโll need to start over and make a new authorization request.) However, itโs useful to know how the trusted device process works. This knowledge can aid in troubleshooting as well: if a user wonders why his or her device is no longer trusted, asking if theyโve recently deleted all their cookies is a good place to start.
Updated over 1 year ago