PENDING - 2 months & still UNRESOLVED -- ADSSP Mobile App does not follow the MFA for Reset / Unlock
I had reported this 2 months back now and this is still & definitely a Security risk here. The bug existed in My ADSSP build number 5815 & exist in every version even in 6008
It is over 2 months now and this is still not fixed...Do let me know the escalation process & the SLA for bugs resolutions
We have our MFA for Reset / Unlock enabled to 3 factor authentication for reset / unlock operations.
However, when performing Password Reset and/or Unlock account from the ADSSP mobile app, it doesn't follow the entered setting. It just proceeds after just 1 factor of authentication instead of the entered 3.
when performing the same from the web-interface it works fine with requiring users to go through the specified 3 FA.
Please have this bug rectified ASAP as it could cause Security risk to not only us but to all customers of ADSSP.