Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

MFA is enable on OCI Free tier but I never installed the app

in Identity and Access Management 4 comments

Hello.

A few month ago, Oracle asked me if I would like to setup a MFA on my account by email. I was going to enable it, but when I tried to scan the generated QRCode with my generic Authenticator app, it didn't work. I had to download a specific Oracle authentication app to make it work, and since I didn't want to, I canceled the MFA registration.

But it didn't canceled anything! I try to connect this week and I was asked to enter a passcode from the authenticator I didn't installed. I can't connect anymore. I looked on the forum for help, and apparently there was a vulnerability, on OCI login page. It was possible to edit the url to access the account settings and change or reset MFA (

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!