Update: bug has been confirmed.
From comments in the GitHub discussion:
"this applies to all new consents (not only expired ones).
Let's say you use MFA and decide to add this option to your site by enabling the appropriate privacy plugins. That's it, no one will be able to log in."
In other words, think carefully before allowing/requiring MFA on accounts where the User doesn't have access to Admin/com_users and so can't fix the problem for themselves.
From comments in the GitHub discussion:
"this applies to all new consents (not only expired ones).
Let's say you use MFA and decide to add this option to your site by enabling the appropriate privacy plugins. That's it, no one will be able to log in."
In other words, think carefully before allowing/requiring MFA on accounts where the User doesn't have access to Admin/com_users and so can't fix the problem for themselves.
Statistics: Posted by JAVesey — Mon Feb 12, 2024 3:37 pm