Trust My Device

This page is out-of-date. Go to Trust My Device in the new 2FA & RBA guide. Please update your bookmarks!

By default, users can mark their browser or device as “trusted” in order to safely bypass the 2FA process for future logins. “Trust this device” feature in Hosted Login

With 2FA enabled, the second factor of authentication is required the first time a user logs in. If the user completes this verification process and selects “Trust this device for future logins”, they will not have to complete the 2FA process again for 30 days on that browser or device.

You can customize this lifetime or disable the “trust this device” feature by configuring the authentication.second_factor.trust_device_ttl setting in the Identity Cloud Console.

Tip: ttl stands for “time to live”.

The steps below configure a custom trusted device lifetime for a specific property:

  1. Navigate to your application in the Identity Cloud Console
  2. Navigate to MANAGE PROPERTIES
  3. Click the Actions menu ( ) for your Login Client and select Edit. This will take you to the page for viewing and editing your property. View/Edit property in Console
  4. Click the EDIT SETTINGS button at the bottom of the Settings section
  5. Click the Add Setting icon (Add Setting button). This will add a new line to the bottom of the list.
  6. Type or paste in the new setting name: authentication.second_factor.trust_device_ttl
  7. Click on the Create authentication.second_factor.trust_device_ttl. popup Create trust_device_ttl setting in Console
  8. Type in the value for this setting, which is specified in seconds. trust_device_ttl setting value in Console Example values:
    • To reduce the lifetime to 7 days: 604800
    • To set the lifetime back to 30 days: 2592000 (or delete this setting)
    • To disable the trusted device feature: 0
      • When you disable this feature, the “trust this device” option will not appear to users on the 2FA screen, and users will be required to complete the 2FA process every time they login.
  9. Click the Save icon (Save button)

It may take a few minutes for your changes to be reflected in Hosted Login after you add or update a setting in Console.