Validate user-entered data during initial registration

[k-korn]

Currently, if
a) Users are required to have MFA configured
b) On the first registration user mistypes his phone number and does not enter e-mail as an alternative contact
as a result the user will be locked out of the system, and can only log in if site administrator resets his MFA data to allow re-registration.

It would be great if some future version of ADFS MFA would perform validation of user input by actually sending SMS to user-entered number and confirming that the user actually received it before completing the registration and requiring SMS on the next log in.
Same can be true for e-mail based access - if user enters e-mail which he can not access, he will be locked out.

[redhook62]

Hi,

Yes, it's true.
But admins can unlock the account in the case you describe.
That's what, we want for security reasons.

If the UI prevent users to make mistakes when registering, of sure it would be better.
So, as said in previous request #13, next version have many new features. for example we have implemented registration validation for QRCode.
The providers model has changed to fully supports Biometric registration in the future. and the new MFA azure model now.
So, registration verification on each Provider (OTP, SMS/External/Custom, Mail, Azure, etc..) is planned for version 2.2
We planned to ship a beta early in may 2018, definitive version early in june.

Regards

Some screen shots of 2.2 Registration validation for QRCode

Manage my Options

Registration Process Start

QRCode Scanning

Code verification

Success or error

[k-korn]

Thanks! Missed issue #13 somehow.

[redhook62]

#13