Just a small advice to not use Microsoft Authenticator for both your Demo and PROD environment if your username is the same in both environments.
When configuring the second login into the MS Authenticator, it will overwrite the first one, leaving you stuck on the environment you configured first in MS Authenticator.
Use either a different authenticator or email confirmation in this case.
Problem does apparently not exist with Google Authenticator.
Just a small advice to not use Microsoft Authenticator for both your Demo and PROD environment if your username is the same in both environments.
When configuring the second login into the MS Authenticator, it will overwrite the first one, leaving you stuck on the environment you configured first in MS Authenticator.
Use either a different authenticator or email confirmation in this case.
Problem does apparently not exist with Google Authenticator.
Hey Marc,
Thanks for raising this issue. We will update our guides to reflect this discovery. Sadly, this is a Microsoft issue (not a Mews one), so we cannot resolve it completely.
David
Hey
Thank you for the quick reply. A bit surprised that this is a Microsoft issue, as using Microsoft Authenticator for over 50+ applications (several PMS, Project Tools etc, often for several accounts under the same email, Test and Prod and so far never had any issues. But obviously not aware of the technical details.
Best, Marc
Hey
Your comment inspired me to find out how other platforms handle this issue. After some digging, I might have found the problem. I believe the reason we’re running into this issue is because the 2fa issuer is identical across all Mews environments, which leads to Microsoft thinking they have the same 2fa keys. I made a proof of concept to test this hypothesis, which seems to fix the problem.
I will ask the team to validate this next week and get back to you.
Thanks
David
Hey
Nice - thank you for being curious! I agree with your findings, that was my assumption as well. I think good to also include in the analysis the case where you are authenticating against an external Identity store (such as Entra - SSO), because there, you might have the need to authenticate against one single source of truth for both Demo and Prod. Otherwise I think the two environments should be strictly separated in all functions.
Have a great weekend, Marc
Hey
Just an update. We made a fix for this issue and merged it today. It’s unlikely to go to production tomorrow (cos its Friday) but it will be there first thing on Monday.
Thanks for raising this issue and being patient on this one
David
Oh wow, that was fast
I have now installed the 1Password 2FA for Demo and love it :) - great to hear there are so many options!
Many thanks once again!
Marc
Welcome Mews customers. Please use the same email address for registration as in your Mews account. By doing so we can help you faster if we might need to check something in your account.
Already have an account? Login
No account yet? Create account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
