Reset MFA for Customers: A Safe Access Recovery Approach in Site24x7 MSP

Reset MFA for customers: A safe access recovery approach in Site24x7 MSP

Multi-factor authentication (MFA) adds an extra layer of security for Site24x7 MSP accounts, but losing access to the registered MFA device can temporarily block a customer from logging in. To address this, Site24x7 MSP provides a secure process for resetting MFA. This guide outlines a real-world use case and step-by-step instructions for MSP admins to help customers regain access to their accounts safely while maintaining security and business continuity.

How bypassing MFA helps

By allowing the customer to temporarily bypass MFA through MSP admin approval, Site24x7 MSP ensures a secure and seamless recovery process. Customers regain access quickly, reset their MFA settings independently, and resume monitoring activities without disruption. This controlled and efficient workflow balances strong security with operational continuity, making MFA recovery both safe and straightforward.

Real-world use case

Scenario
A Site24x7 MSP admin manages multiple customer accounts. A customer loses their mobile device, which was configured for MFA in their Site24x7 MSP account. Since MFA is enabled for their account, the customer cannot log in with just their username and password.

Problem
Without access to their MFA device, the customer cannot authenticate and access their Site24x7 account. This results in delays in monitoring activities, troubleshooting tasks, and other critical operations.

Solution
The MSP admin can grant permission to disable MFA specifically for the affected customer. This ensures:
  1. Maintained security: MFA is not turned off globally; permission is restricted to this customer only.
  2. Customer autonomy: The customer can log in and configure MFA on a new device without needing to share their password or rely on MSP admins to reset the account.
  3. Business continuity: The customer quickly regains access, ensuring monitoring and incident response remain uninterrupted.

Steps to reset MFA

Step 1: Grant MFA permission to the customer
This step is intended for MSP admins who have the privilege to grant MFA permissions to their customers.
  1. Log in to the Site24x7 MSP account.
  2. Navigate to Admin > Customers.
  3. Select the customer who needs their MFA permission reset and click the hamburger icon  next to their name.
  4. Choose Disable Multi-Factor Authentication. This action allows the customer to disable MFA for their account temporarily.
Step 2: Disable or reset MFA
This step is for MSP customers who have been given permission to disable or reset MFA on their devices.
  1. Log in to the Site24x7 MSP customer portal.
  2. Click the profile image in the top-right corner and select My Account.



    Notes
    Note: The My Account option will be visible only if the MSP admin has disabled MFA for the customer. When MFA is enabled for the first time, My Account will not appear, but it will become visible once MFA is disabled.
  3. Click Enable Multi-Factor Authentication on the My Account page and you will be redirected to the Zoho Accounts page. Learn more about MFA for customer accounts.



  4. Disable MFA using the toggle button beside MFA Modes. Under MFA Modes in the Multi-Factor Authentication page, click Set up Now and follow the steps provided to add a new device.



    Under MFA Recovery Options, click Generate New Codes to create new recovery codes. You can download and save the codes for future use.
Step 3: Set up MFA on a new device
Follow the steps to add MFA on your new device here: Configuring MFA.