<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00008VtBsICAVOkta Classic EngineMulti-Factor AuthenticationAnswered2025-10-11T09:01:02.000Z2022-12-09T07:09:41.000Z2022-12-14T18:32:43.000Z

WayneD.75431 (Customer) asked a question.

December 9, 2022 at 7:09 AM
Is it possible to disable the ability for users to remove/reset their extra verification/MFA factors?

I saw an old post indicating disabling the ability for end users to remove/reset their own MFA factors in their profile settings was not possible but that was from 2018. Just wondering if that's changed? We are aware of compromises where someone has managed to add an additional factor to an account and would like to restrict the resetting of factors to Admins if we can.

Thanks,

Wayne

  • 2 answers
  • 774 views

  • flz9z (flz9z)

    Hi Wayne Dobby ,

    Currently there is no option that will allow to remove the "Reset" button from the Okta User UI

    Selected as Best

  • flz9z (flz9z)

    Hi Wayne Dobby ,

    Currently there is no option that will allow to remove the "Reset" button from the Okta User UI

    Selected as Best

  • DonF.81354 (Customer)

    @WayneD.75431 (Customer)​ Although not perfect in all circumstances, my org has a single factor enabled and thus ensures that it cannot be removed as a result.

     

    Particularly if you use a push service, lets say Duo, you have the ability to choose from voice, push, or SMS within that service but to Okta it is a single configured MFA factor. Thus as a result, users cannot remove the factor from their Okta profile settings, but they also have "choice" of factor within this MFA provider. .

     

    Certainly not possible in all cases, but just a thought. Additionally, I would suggest you could create a case on Okta Ideas. Please report back your your # and we can all vote on it. Thanks!!

    Expand Post
This question is closed.
Loading
Is it possible to disable the ability for users to remove/reset their extra verification/MFA factors?