Bug #95892
closed
Create BE user: on/off toggle for MFA confusing
0%
Description
Reproduce¶
1. I am creating a new BE user. MFA is not configured yet.
2. It shows me a red toggle "Deactivate multi-factor authentication and a label "Multi-factor authentication[mfa]" with status "MFA disabled"
It looks like it is disabled and I must turn it on (but configure first). But if I must enable it, why does it say " Deactivate multi-factor authentication".
Maybe I misunderstand this, but to me this is a little confusing.
I find some of the toggles confusing anyway because the description is opposite of database field (e.g. "Enabled" vs. "disable").
Versions¶
- with latest "master" coredev
Files
Updated by Sybille Peters about 3 years ago
- File mfa_deactivate.png mfa_deactivate.png added
- Description updated (diff)
Updated by Oliver Bartsch about 3 years ago
- Status changed from New to Needs Feedback
Hi Sybille, this is a special field which one the one hand informs an administrator about the users' MFA status, e.g. "disabled" or "locked" and on the other hand allows to deactivate MFA either completely or just a single provider (e.g. because the user locked them by submitting wrong credentials multiple times).
Your screenshot of a fresh user is the default behaviour. MFA is disabled and can therefore not be deactivated by the admin => That's why the button is disabled.
What would be your suggestion here? Do you want the button to be completely hidden in this case? I didn't do this because - to me - it looked like the field is broken (only having the label without any further field or text).
Updated by Sybille Peters about 3 years ago
- Status changed from Needs Feedback to Closed
Ok, I tested this some more and it seems correct - the button "Deactivate multi-factor authentication" is disabled (because MFA not setup for user). If MFA is setup, the button becomes enabled and you can deactivate via this button.
It seems obvious now, I don't know why I got confused.
Closing.