The user will remain authenticated for as many days as set in the Authentication Cookie Expiry Days setting.
After, the user logs in as usual:
If the authenticator token has expired, they will need to open the authenticator app on their device and enter the code presented:
Clicking on 'Submit' before the code expires on the app will grant the user access to printIQ.
Behind the Scenes
When MFA is enabled and no date is set (not ‘enforced’), if the user has not opted to configure MFA, it displays in orange as ‘Not Set’:
If the Required Date setting is set in the future, it still displays in orange and shows the required date:
If the required date is in the past, it will show in red as overdue:
When MFA has been configured by the user, it will display in green as authenticated:
When a user is authenticated with MFA, there is the option to regenerate the secret or remove the authentication altogether; both of which will require the user to reconfigure MFA again.
A warning is presented before either action is performed: