Removing all IBM MFA factors for a user

You can remove all IBM® MFA factors for a user. There is no undo for this operation.

About this task

When you remove all IBM MFA factors for a user, all IBM MFA factors and tags are removed, and the users must use their RACF® credentials to log on. Before removing all factors, consider deactivating (NOACTIVE) the factors instead to preserve the IBM MFA data.

Procedure

  1. The following example removes all IBM MFA factors for a user. 
    ALU [Login ID] NOMFA
  2. You might instead enter the following command to deactivate a user for a factor such as TOTP: 
     ALU [Login ID] MFA(FACTOR(AZFTOTP1)
    NOACTIVE)