RE: Allowing end users to reset one time google authenticator TOTP token
We are using the google authenticator application as a 2nd factor authenticator. For the 1st factor authentication, users enter their domain credential and google TOTP generated token is used as the 2nd factor authentication.
At present, if a user removes their authenticator application from their phone, one of the administrators has to explicitly reset the token for the user. This is well and fine, but due to large user connections over the VPN, admins are starting to get overwhelmed with the amount of resets necessary.
What would be best away to streamline the process. Is it possible to provide end users with the capability to reset their tokens?