Cached Credentials
  • 25 Feb 2025
  • 1 Minute to read
  • Contributors
  • Dark
    Light

Cached Credentials

  • Dark
    Light

Article summary

By default, the MFA clients locally cache certain authentication methods for faster login times and for if your client computer(s) cannot communicate with the MFA server. While turning this capability off is not usally recommended, it is possible and is described in more detail in our Always Online Mode article.

What methods can the client cache?

  • Contactless Cards
  • Emergency Access (Question & Answer)*
  • FIDO tokens
  • Fingerprints


*Emergency Access cannot perform first-time logins. Another method (like Contactless Cards) must be used first in order to pull down the account's info.


Troubleshooting

Users can sometimes experience issues signing in with their authentication devices after they enroll a new device (or finger) to their name. While rare and of no fault of the users', this sometimes happens when the client's cached credentials interfere with the new credentials and authentication data.

To learn more about and fix this issue, please see our Remove Cached Credentials From Client or User Removal Tool pages. If you still have difficulties signing in after all of this, please reach out to our Support for further assistance.


Was this article helpful?