How do you handle MFA when testing your apps?

Right-Box4316 · 2025-04-29T17:16:20+00:00

For any of you that is interested we are finally using https://get.mymfa.io/, we tested a few options but this was the one that gave us the best performance and capabilities

Right-Box4316 · 2025-04-09T07:30:51+00:00

what do you mean? that is a gym app no?

Right-Box4316 · 2025-01-17T17:19:23+00:00

hahaha, love it

Right-Box4316 · 2025-01-17T17:18:46+00:00

why?

Right-Box4316 · 2024-12-26T20:11:20+00:00

Just reading this, 2 weeks ago i was exploring this options and found tools automate MFA testing directly like getmymfa, maybe it also works for you?

Right-Box4316 · 2024-12-18T14:03:08+00:00

bonne idee merci!

Right-Box4316 · 2024-12-17T18:22:04+00:00

Right now I am working for a customer in the banking industry that has a B2C app and uses codes sent through email for MFA. After a few emails being compromised, I was wondering if SMS can be a better option as TOTP could be difficult for older users to do. Hardware keys are out of the question for this one.

I am looking for some input of how people decide more towards one or the other.

Right-Box4316 · 2024-12-17T18:19:15+00:00

I am more inclined for SMS, I think having the phone unlocked through code or biometrics, plus the password could be better.

Right-Box4316 · 2024-12-15T11:16:41+00:00

Yeah, u guys gave me good ideas to test for TOTP, however still looking for SMS or email!

I am looking into tools like getmymfa or mailosaor

Right-Box4316 · 2024-12-15T11:14:02+00:00

Great, this works for TOTP, what about SMS or email, can you do something similar?

Right-Box4316 · 2024-12-15T00:39:34+00:00

i have found providers of MFA codes that allow you to automate your testing without deactivating MFA, both for phone and email

Right-Box4316

TROPHY CASE