Suggestion
Resolution: Unresolved
Issue Summary:
Currently, when a user logs in, an OTP (One-Time Password) may be sent to their email for verification when security risks are identified, as a measure to protect their account. This OTP is only required once per event.
While this adds a layer of security, it can be restrictive for organizations that require more flexible authentication methods. Administrators currently lack the ability to manage or customize OTP challenges for managed accounts, which limits their control over security protocols.
Workarounds:
Administrators have the option to implement Two-Factor Authentication (2FA) as an alternative to email-based OTPs. However, this solution does not provide the granular control over OTP challenges that some administrators may need. The current 2FA setup bypasses email OTPs but does not allow administrators to selectively enable or disable OTP challenges based on their organizational needs or security policies.
Suggested Solution:
- Admin Control for OTP Challenges: Implement a feature that allows administrators to enable or disable OTP challenges for managed accounts. This control would enable organizations to tailor their security measures based on their specific needs and policies.
- Alternative Security Measures: Provide an option for administrators to set a security PIN or passphrase as an alternative to the OTP email. This could be configured to enhance or replace the current OTP system, offering flexibility in how security is managed.