2 Factor authentication with first time only

Nicky Nguyen asked on February 25, 2015 13:00

Hi all,

I have a requirement that we have to enable 2FA authentication only the first time a user logs in from a browser. If the user logs in a second time in the same browser, we won't show the "passcode" form anymore. My 2FA uses email to send the passcode.

Currently I can send the passcode whenever a user logs in, but cannot disable 2FA when the user logs in a second time :( Could somebody help me with a solution?

Thanks, Nicky

Recent Answers


Virgil Carroll answered on February 25, 2015 14:51

You are most likely going to have to build your own custom login control. During first login, users will have to complete the 2nd factor authentication methods. Upon subsequent logins you will not require this.

The Kentico user table stores the last logged-on date/time. You could write your control to check for this value upon entering the username/password. If the value exists, you could code to skip the 2nd factor... if not, then require that step.


Nicky Nguyen answered on February 25, 2015 15:01

Hi Virgil,

I plan to use a cookie to check the number of logins in the browser. As for the passcode of 2FA, do you know how I can generate it using the Kentico API? And how can I set the user to be logged in using the Kentico API?


Nicky Nguyen answered on February 26, 2015 03:18

Hi all,

Can somebody help me on this?


Brenden Kehren answered on February 26, 2015 08:39

Virgil is right regarding the last login time. The downfall is the only way to actually capture the previous date before it's changed is to intercept the authentication event.

In a previous question you had, I mentioned adding another field to the user settings or user object. I'd suggest doing this if you haven't, and then override the Authenticate event. See the documentation here. Then in the authentication event, do a lookup on the user to see if that date is updated; if so, perform some logical actions or set some global properties to let the rest of the system know they don't need to perform MFA again. If not, update the user with the date they logged in the first time and then perform your logical actions.

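Added example (not code from any poster in this thread, and not Kentico API): one way to make the "skip the passcode in this browser" decision per browser is a signed, expiring cookie value that the server issues after a successful passcode check and verifies on later logins. The class name, key handling, 30-day lifetime and sample user names are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
// Hypothetical helper, not Kentico API. Cookie value: base64(user|expiry) "." base64(HMAC-SHA256).
public static class TrustedBrowserToken
{
    public static string Issue(string user, byte[] key, DateTimeOffset now, TimeSpan lifetime)
    {
        byte[] payload = Encoding.UTF8.GetBytes(user + "|" + now.Add(lifetime).ToUnixTimeSeconds());
        return Convert.ToBase64String(payload) + "." + Convert.ToBase64String(Sign(payload, key));
    }
    // True only if the MAC verifies, the token names this user, and it has not expired.
    public static bool IsValid(string token, string user, byte[] key, DateTimeOffset now)
    {
        string[] parts = (token ?? "").Split('.');
        if (parts.Length != 2) return false;
        byte[] payload, mac;
        try { payload = Convert.FromBase64String(parts[0]); mac = Convert.FromBase64String(parts[1]); }
        catch (FormatException) { return false; }
        if (!FixedTimeEquals(mac, Sign(payload, key))) return false;
        string text = Encoding.UTF8.GetString(payload);
        int sep = text.LastIndexOf('|');
        long expires;
        if (sep < 0 || !long.TryParse(text.Substring(sep + 1), out expires)) return false;
        return text.Substring(0, sep) == user && now.ToUnixTimeSeconds() < expires;
    }
    static byte[] Sign(byte[] payload, byte[] key) { using (var h = new HMACSHA256(key)) return h.ComputeHash(payload); }
    // Comparison whose running time does not depend on where the first differing byte is.
    static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
    public static void Main()
    {
        byte[] key = new byte[32];   // constructed demo key; a real key stays in server-side configuration
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        DateTimeOffset now = DateTimeOffset.UtcNow;
        string cookie = Issue("alice", key, now, TimeSpan.FromDays(30));     // constructed user names
        Console.WriteLine(IsValid(cookie, "alice", key, now));               // same user, same browser
        Console.WriteLine(IsValid(cookie, "bob", key, now));                 // cookie presented for another account
        Console.WriteLine(IsValid("x" + cookie, "alice", key, now));         // modified cookie value
        Console.WriteLine(IsValid(cookie, "alice", key, now.AddDays(31)));   // past its lifetime
    }
}
```

Check the cookie only after the password has been verified, and set it with the HttpOnly and Secure flags so it is not readable by script or sent over plain HTTP.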
