If the "Auto-create OTP tokens for users" feature is active for User Portal, the UTM everytime creates a new token for a user, if the user tries to log in without token (but correct username / password only - in my case AD users).
As long as the user logs in correctly adding his token behind the password, everything is ok.
I'm actually on my third OTP entry for my User ;o)) Deleted them and started from scratch.
We should make sure, that for users with a existing OTP token is not another OTP user created through "Auto-create OTP tokens for users" feature, if logged in with correct username / password, but without added token code [H]
Guest User!
You are not Sophos Staff.
