|
|
|
|
|
|
by ExoticPearTree
1094 days ago
|
|
|
From an user experience perspective, this would be the way. At some at the company I work for, we decided to changing hashing algorithms and we did it on the fly when user authenticated again. Users were happy, we were happy. But as someone already said here, there's a high probability that the OTP seeds were stolen so that's why they are doing this forced reset for MFA re-enrollment. |
|
|