Multi factor Authentication: setting the code to be sent via email only

simonisjf Domo Employee
edited August 2023 in Reporting Ideas

A large Australian bank allows an external marketing agency to log in to their Domo instance. They are wanting to implement MFA for this subset of Domo users. The bank's concern is that when an external employee, who has access to Domo, is terminated they may still be able to login to Domo. This is because they retain their mobile numbers and MFA codes are sent via text.

The bank would like to be able to toggle the default code delivery method to email, instead of the default text message.

Additional details:

  • External employee is terminated, at which time their email access is disabled by their employer. However, they keep their cell #.
  • The termination may not be communicated to the bank for a few days.
  • During this time, the employee could continue to access Domo because we’re not relying solely on their email for MFA (they’d receive the code to their cell).

2 votes

Active · Last Updated