Revise MFA documentation for clarity and completeness #9778
Conversation
Updated MFA documentation to enhance clarity and detail on setup, recovery, and reset processes.
| [#mfa-reset-process] | ||
| == MFA Reset Process | ||
|
|
||
| The MFA reset process depends on your situation and whether you retain access to your account. |
There was a problem hiding this comment.
@rowantomas just wondering what you mean here by "reset process". What's the actual task for this how-to section? Sounds like its something like "Add a new authenticator app"? But then it mentions regenerating a code so I'm not 100% sure the intention of the new section
|
|
||
| If you have lost access to both your authenticator app and recovery code, you are locked out of your CircleCI account. CircleCI cannot bypass MFA for security reasons. The only way to regain access is through your recovery code. Support cannot reset MFA if you have no recovery code and cannot verify your identity. | ||
|
|
||
| === Scenario 3: Support-initiated MFA reset |
There was a problem hiding this comment.
Does this 3rd scenario mean that if you lose your recovery code you might actually be able to regain access with help from support? As this contradicts the previous section we should maybe tighten up the language a bit?
| CircleCI does not manage or enforce MFA for VCS logins – it relies entirely on the provider's authentication system. | ||
|
|
||
| [#support-escalation] | ||
| == Support Escalation Summary |
There was a problem hiding this comment.
This seems like internal docs for the support team rather than customer facing info?
| Check that the time on your device is up to date. If your authenticator app does not automatically sync time, check for a setting to re-sync it. If you continue to have issues and can't use the OTP, you can use your recovery code to authenticate instead. You can then remove and re-add the MFA factor. | ||
|
|
||
| [#vcs-mfa] | ||
| == Enabling MFA for VCS Logins |
There was a problem hiding this comment.
I would move this before the troubleshooting section ideally if we really need it, maybe after the intro
Updated MFA documentation to enhance clarity and detail on setup, recovery, and reset processes.
Description
What did you change?
Reasons
Why did you make these changes?
Content Checklist
Please follow our style when contributing to CircleCI docs. Our style guide is here: https://circleci.com/docs/style/style-guide-overview.
Please take a moment to check through the following items when submitting your PR (this is just a guide so will not be relevant for all PRs):