I have enforced Google Authenticator for all the users in my Okta Org. Google Authenticator is the only 2FA. Now let’s say one of my users lost his phone that has the Google Authenticator. He is no longer able to get the passcode to authenticate himself. In this scenario, is there a way the user can self-recover or self-reset the 2FA?
he won’t be able to do reset till they log in, and if that is not possible w/o 2fa, then no luck. I’d suggest to let people have a choice (setup another factor). Otherwise only admin can do a reset for them.