Implementing Multi Factor Authentication - What happens in the event that the MS Authenticator service goes down?

Question

Hi everyone,  We are implementing MFA into our backup environment and were wondering what happens in the event that the authenticator service (Microsoft Authenticator/Google Authenticator) goes down? Is the potential unavailability of the authenticator service a concern in the functionality of Commvault Multifactor authentication.  My thoughts are as follows: In the context of Time-Based One-Time Passwords (TOTP), the secret key is stored on the user's device and does not rely on an internet connection. As long as a user has access to their device, they will be able to authenticate into Commvault. I have no evidence or documentation to back this up though. I’m not entirely sure if the secret key is stored locally on the user's device and relies upon an internet connection for the service to be up.

Answer 1

Hi,

Entra ID provides 99.99% uptime for the services offered and MFA is one of them, you can check the highly available MFA service is resilent and you should not be worried about the availability for MFA or other core services provided by Microsoft check this - https://techcommunity.microsoft.com/t5/microsoft-entra-blog/advances-in-azure-ad-resilience/ba-p/2147048#:~:text=As%20an%20example%20of%20an,a%20fully%20active%2Factive%20way.

Hope this helps. JS

Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.