RFO

Our engineers determined the cause of the login issues for some customers to be due to previously enabled 2FA/OTP where this had been previously disabled by request due to the device being lost or key deleted.

When disabled the the feature was removed from the account but the internal key was retained even when a new key was activated and used for historic audit and logging purposes.

As part of our change to SSO for all services, the old key in some cases would conflict with the new kew and cause the login flow to fail.

This issue only affected a very small number of logins due as resets for disabling 2FA/OTA and the requirements for ID proofs to do so are limited.

The cause of the issue has been identified and our engineers are working to resolve this as soon as possible with a RFO.

We have received reports of login errors from some customers and our engineers are investigating.