Sometimes you may need to remove Administrator Multifactor Authentication (MFA) from an admin's account.
This can be necessary for a few reasons, such as the admin's device that received MFA tokens broke/was wiped/was lost or stolen, or a security philosophy change that doesn't dictate the need for Admin MFA anymore, etc.
No matter your reason for removing Admin MFA from an administrator, here are the steps to do so:
To get started, log into your Clearlogin Admin panel (https://admin.clearlogin.com) and then on the navigation bar, select User Profiles.
- You will be brought to the User Profiles page. From here click on the blue edit button that matches the user's profile that you want to remove MFA for.
- Near the bottom of the user's Profile Configuration page, click on the red button that says Remove Admin MFA.
- The page will refresh and you will be presented with the below message at the top of the screen, indicating that Admin MFA has been successfully removed:
Congratulations, you have successfully removed Admin MFA from an admin's account.
Make sure that you remove the token from your device's MFA app since you don't need it anymore (it's now invalid, even if you re-enroll the admin in MFA; the admin will need a new token which will be provided during the re-enrollment process).
Note: Should you ever need to re-enroll your admin in MFA, please use these instructions.