EpiCare MFA

mbayley · September 29, 2025, 6:40pm

I’m all for tightened security, but requiring MFA at least every 12 hours for EpicCare seems excessive.
I’ve never had to use MFA this frequent. Not even my bank is this strict.

Maaaybe dial it back a bit, Epicor?

Banderson · September 29, 2025, 6:43pm

Los Angeles Anniversary GIF by The Paley Center for Media

chaddb · September 29, 2025, 6:44pm

I am too but it’s a bit much. Especially if you have MFA on your Epicor IDP account. You get double MFA when logging into EpicCare. I sent feedback to the EpicCare team but they weren’t open to any feedback.

jgiese.wci · September 29, 2025, 6:45pm

I already put in an idea on 9/11 but not sure if it’s available yet. Log In - Epicor Identity

Banderson · September 29, 2025, 6:45pm

No No No GIF

chaddb · September 29, 2025, 6:45pm

It’s not. I also have an idea in for changing it.

aosemwengie1 · September 29, 2025, 6:46pm

Agree. Its ridiculous and painful. Honestly makes me think twice about updating my cases. Working as designed maybe?

Banderson · September 29, 2025, 6:47pm

Right? It’s impossible to log in with MFA that often.

Randy · September 29, 2025, 6:56pm

Annoying a f*** but not impossible.

I just reply to the email. No MFA to do that! Now creating a case…

utaylor · September 29, 2025, 7:30pm

I mean I feel like we can request some pretty wild stuff through Epiccare if our accounts go compromised, i.e. “hey can you restore my live database back to 09/01/2025?” or something else pretty damaging. I was trying to come up with things in my head to make me feel fine about this level of prompting.

aosemwengie1 · September 29, 2025, 7:41pm

Even my bank lets me “remember” this computer. My MFA isn’t limited to a single browser session. Even if you pick the 12 hours, if you close your browser, you have to MFA all over again. I can’t think of a single website I interact with on a regular basis that requires that frequency of authentication.

Doug.C · September 29, 2025, 7:43pm

I was wondering if anybody else was going through this. Such a pain.

mbayley · September 29, 2025, 7:45pm

That’s what I thought as well. Someone must have been burned to go from no MFA to this.

Evan_Purdy · September 29, 2025, 7:48pm

Seems like they could give you some level of choice

Mark_Wonsil · September 29, 2025, 7:51pm

My password manager…both on the app and online.

Banks are awful…but getting better.

chaddb · September 29, 2025, 7:52pm

Mine too. But I expect to do MFA that often my password manager.

With MFA on my Epicor IDP there’s no security advantage to having a second MFA prompt just for EpicCare.

mbayley · September 29, 2025, 7:53pm

You are right

Believe it or not, Tangerine bank in Canada only just added support for 32 character passwords. Before that, you could only set a 6 digit pin to login to online banking.

Evan_Purdy · September 29, 2025, 7:54pm

I got locked out of my Samsung S21 because on an OS update it truncated my password

Mark_Wonsil · September 29, 2025, 7:54pm

And I know people who use BMO.

Ew Dissapointed GIF

chaddb · September 29, 2025, 7:55pm

Most still only support SMS for MFA

dead rip GIF