https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427449#M7726 <P>Hello <A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/26965">@p.deleuw</A>,</P><P>Enabling SAML as <A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/64504">@Brash</A> mentioned is a potential alternative, however, it is correct that even if 2FA is disabled on a dashboard administrator's account, OTP can still be triggered. This feature is in place for enhanced security, and an option within the dashboard is not available to disable it.<BR /><BR /><SPAN><A title="Authentication Enhancements and New Dashboard Security Features" href="https://documentation.meraki.com/General_Administration/Other_Topics/Authentication_Enhancements_and_New_Dashboard_Security_Features" target="_blank" rel="noopener nofollow noreferrer">Authentication Enhancements and New Dashboard Security Features</A> documentation</SPAN><BR /><BR />If you have a very strong or unique use case, I highly recommend reaching out to Meraki Support and providing as much detail as possible to determine if a solution is available that meets your specific use case. Please feel free to link to the documentation provided above when submitting the support case, so that it is clarified that you are referencing wanting to bypass both the 2FA <EM>and</EM> OTP features for an account.<BR /><BR /></P><P data-unlink="true"><SPAN>A support case can be opened by navigating to <STRONG>(?) &gt; Get Help &amp; Cases &gt; Pick a Tile to Contact Support &gt; Submit a case </STRONG>or by following the steps provided in the <A href="https://documentation.meraki.com/General_Administration/Support/Contacting_Support" target="_self" rel="nofollow noopener noreferrer">Contact Cisco Meraki Support</A> document <A href="https://documentation.meraki.com/General_Administration/Support/Contacting_Support" target="_self" rel="nofollow noopener noreferrer">here</A>.</SPAN></P><P data-unlink="true"><SPAN><BR />Best,<BR />Feli</SPAN></P> Fri, 18 Oct 2024 14:33:57 GMT FeliA 2024-10-18T14:33:57Z https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427447#M7724 <P>Hi all,</P><P>I am CCSI and I teach the ECMS course. We have built the lab for this course and configured an organization with some administrators in the dashboard. This administrator accounts are used by the students during the course.</P><P>Meraki is forcing 2FA for the login. If 2FA is not explicitely configured, 2FA is done via e-mail. Every day a student wants to log in, I have to give the security code to the students, since the students have no access to the associated e-mail accounts. Imagine you have 10 students: Every day (!) 10 Mails, 10 security codes, each has to be given to the correct student.</P><P>Is there a way to disable 2FA for specific accounts at all? It is a lab exclusively for the course, security is not a real concern.</P><P>Best regards</P><P>Peter</P> Fri, 11 Oct 2024 08:31:31 GMT https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427447#M7724 p.deleuw 2024-10-11T08:31:31Z https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427448#M7725 <P>There is no way to exclude MFA for local accounts.</P><P>The only way I can think of to achieve it would be to integrate with an identity provider using SAML.</P> Fri, 11 Oct 2024 12:21:48 GMT https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427448#M7725 Brash 2024-10-11T12:21:48Z https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427449#M7726 <P>Hello <A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/26965">@p.deleuw</A>,</P><P>Enabling SAML as <A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/64504">@Brash</A> mentioned is a potential alternative, however, it is correct that even if 2FA is disabled on a dashboard administrator's account, OTP can still be triggered. This feature is in place for enhanced security, and an option within the dashboard is not available to disable it.<BR /><BR /><SPAN><A title="Authentication Enhancements and New Dashboard Security Features" href="https://documentation.meraki.com/General_Administration/Other_Topics/Authentication_Enhancements_and_New_Dashboard_Security_Features" target="_blank" rel="noopener nofollow noreferrer">Authentication Enhancements and New Dashboard Security Features</A> documentation</SPAN><BR /><BR />If you have a very strong or unique use case, I highly recommend reaching out to Meraki Support and providing as much detail as possible to determine if a solution is available that meets your specific use case. Please feel free to link to the documentation provided above when submitting the support case, so that it is clarified that you are referencing wanting to bypass both the 2FA <EM>and</EM> OTP features for an account.<BR /><BR /></P><P data-unlink="true"><SPAN>A support case can be opened by navigating to <STRONG>(?) &gt; Get Help &amp; Cases &gt; Pick a Tile to Contact Support &gt; Submit a case </STRONG>or by following the steps provided in the <A href="https://documentation.meraki.com/General_Administration/Support/Contacting_Support" target="_self" rel="nofollow noopener noreferrer">Contact Cisco Meraki Support</A> document <A href="https://documentation.meraki.com/General_Administration/Support/Contacting_Support" target="_self" rel="nofollow noopener noreferrer">here</A>.</SPAN></P><P data-unlink="true"><SPAN><BR />Best,<BR />Feli</SPAN></P> Fri, 18 Oct 2024 14:33:57 GMT https://community.cisco.com/t5/cloud-networking-platform/disable-2fa-for-admins/m-p/5427449#M7726 FeliA 2024-10-18T14:33:57Z