ADSSP Mobile App does not follow the MFA for Reset / Unlock
In recent days the mobile app for ADSSP has changed some of the functionality. One security risk which i noted is the MFA for Reset / Unlock entered in the Admin portal.
We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations.
However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't follow the entered setting. It just proceeds after just 1 factor of authentication instead of the entered 3.
when performing the same from the web-interface it works fine with requiring users to go through the specified 3 FA.
Please have this bug rectified ASAP as it could cause Security risk to not only us but to all customers of ADSSP.
My ADSSP build number is 5815