Each time you authenticate your access, Activ will automatically create and store a record of the device on which that authentication was made. This record is subsequently used within MFA’s ‘Remember Me’ feature to allow you to login from that device without re-authenticating (as long as none of the re-authentication conditions have been triggered; see Authenticate your Access). This feature ensures that you are able to balance the extra security of MFA with the convenience of being able to login multiple times without continuously re-authenticating. However, you may find that there are times when you need to overwrite this ‘Remember Me’ functionality to force re-authentication before the normal conditions are triggered. For example:
- You may need to ‘lock down’ a device that has been lost or stolen
- You may suspect that a device has been compromised by (e.g.) hackers
- You may have replaced a device, and need to remove it from Activ’s Trusted Devices before disposal
To support this, Activ allows you to clear a user’s Trusted Devices from the underlying database, immediately invalidating all authentications for those devices even if those authentications would normally still be valid. This will force the user to re-authenticate their access on every device and browser that they use before they can continue to access your system.
Note that clearing Trusted Devices will not impact a user’s access to their current session, meaning that they will not be prompted to re-authenticate if they are logged into the account when the devices are cleared. However, they will be required to re-authenticate upon their next login attempt.
*****
To clear a user’s Trusted Devices, open their record on its Login Permissions tab and click on the Clear Trusted Devices button at the top of the screen.
Activ will clear the list of Trusted Devices that it currently holds for the user, invalidating all authentications that have been set across their devices and browsers. The user will be required to re-authenticate their access on every device and browser they use the next time they log into Activ from each device/browser.