This article serves as a way for you to self-serve your users without needing to reach out to Evo for resetting user's security questions, or other mobile issues. However, if you do find yourself in a situation where you need assistance, do not hesitate to reach out!

Potential issues:

1. Users forgot security questions.

2. Cannot setup MFA for the first time due to security questions errors.

3. Users change/lost their phones and cannot re-setup a new phone (related to security questions).

Best Practice: Remove/re-sync user from Evo portal and uninstall/re-install Evo Secure Login mobile app.

1. Remove the user from the Evo Sync group (the group name could be different on your AD). Open "Active Directory Users and Computers" tool on your on-prem AD, navigate to the user and open user's properties. 

2. You can wait for the LDAP agent syncs after 10 minutes or force it to sync by open LDAP Agent Setting app from your Start Menu. NOTE: This requires a more recent/latest version of the LDAP agent. If your LDAP agent does not have this feature, do please generate and download a more current version of the LDAP agent from the Evo Portal.

3. Uninstall/re-install Evo Secure Login to make sure it does not have any cache on it.

Note for Azure AD: If you use Azure AD to sync users, then you can go to Azure AD portal to remove user from the sync group. Wait for Azure AD to fully remove user(s), then re-add them back to the sync group. This process can take up to 30-60 minutes since Azure AD takes time to sync. 

3. After re-adding users back to the Evo portal, you can send a new QR code to the user's email or alternative email address. Then the user(s) can scan a QR code and setup security questions.

Does it effect to end-users?

Since Evo does not save/store any end-user data, it's safe to remove/re-add users as needed. End-users only need to re-setup their MFA and security questions. Secure Login, SSO or Radius services still work as before. 

What if the users are IT technicians or IT admins who have permissions and Elevated Access attached to their accounts?

You will need to re-setup their permissions and/or Elevated Access OR you can submit a request to reset their security questions to support@evosecurity.com. Evo support will ask the requester to answer a security question to verify it's a legitimate account.