Disable MFA for specific users

Is it possible to disable MFA for specific users and enable it for everyone else?

I've only added admin and one other user under advanced settings and a different user is STILL being asked for MFA token. No, that user is NOT in a group that is flagged under advanced for MFA use.

Using latest Ubuntu based deployment

Thanks
Ivan

Hello @ivan

Would you mind providing more details about this statement? Do I understand correctly that you have set up a group containing you (admin) and one other user, that this group is eligible for enabling mandatory 2FA, but the code is required for a user who is not in the group or in the separate list?
Also, please let me know versions of all components of the portal. You can find those in Update tab of the Control Panel.

We have tested the situation with MFA being asked for the users that are not in the list/group under Mandatory Two-factor authentication setting and, unfortunately, currently this feature is bugged.
We registered a bug based on this behavior and have already started working on it.

Thank you for reporting this issue and sorry for the inconvenience caused.

Thanks Constantine.
I’ve a workaround for now by tying non-MFA access to a subnet.
Appreciate feedback
Ivan

Hello again @ivan

I’ve got some new information on the MFA. I have found out that the current behavior is not bugged; here is a description of how the feature works:

  1. If MFA is set to Disable - no code is required for any users to log in;
  2. If MFA is enabled either by SMS or Authenticator app - code is required for everyone.
    a) If in Trusted Networks any IPs are specified and user logs in under the IP in this list - code is not required;
    b) If user is in Mandatory Two-factor authentication list or group - code is required anyway even though user logs in under a trusted IP.

With that said, according to your description of the problem, you have MFA enabled with Authenticator app, which means that you have MFA enabled for everyone on the portal (clause 2). You can now set up the Trusted Networks section for the users that should not be asked for the code when logging in.

I hope it brings some more clarity to the topic.
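Added example, not part of the original posts and not the portal's own code: a small Python model of rules 1, 2, 2a and 2b above, useful for checking which logins will be prompted before changing the settings. The class, field and function names, the users, groups and addresses are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class MfaPolicy:
    # Hypothetical model of the portal settings described in the post.
    mode: str = "disabled"  # "disabled", "sms" or "app"
    trusted_networks: list = field(default_factory=list)  # IPs or CIDRs
    mandatory_users: set = field(default_factory=set)
    mandatory_groups: set = field(default_factory=set)


def code_required(policy, user, groups, source_ip):
    """Return (required, reason) for one login attempt."""
    # Rule 1: MFA disabled, nobody is asked for a code.
    if policy.mode == "disabled":
        return False, "rule 1: MFA disabled"
    # Rule 2b: the mandatory list/group wins even on a trusted IP,
    # so it must be checked before the trusted networks.
    if user in policy.mandatory_users or policy.mandatory_groups & set(groups):
        return True, "rule 2b: user is in mandatory list or group"
    # Rule 2a: a login from a trusted network skips the code.
    ip = ipaddress.ip_address(source_ip)
    for net in policy.trusted_networks:
        if ip in ipaddress.ip_network(net, strict=False):
            return False, "rule 2a: trusted network " + net
    # Rule 2: MFA enabled means a code for everyone else.
    return True, "rule 2: MFA enabled for everyone"


# Constructed sample settings and logins.
POLICY = MfaPolicy(
    mode="app",
    trusted_networks=["10.20.0.0/24"],
    mandatory_users={"admin"},
    mandatory_groups={"finance"},
)
LOGINS = [
    ("admin", [], "10.20.0.5"),          # mandatory user on a trusted IP
    ("bob", ["sales"], "10.20.0.5"),     # ordinary user on a trusted IP
    ("bob", ["sales"], "203.0.113.9"),   # ordinary user elsewhere
    ("carol", ["finance"], "10.20.0.7"), # mandatory group on a trusted IP
]

if __name__ == "__main__":
    for user, groups, ip in LOGINS:
        required, reason = code_required(POLICY, user, groups, ip)
        print(f"{user:6} {ip:13} code={'yes' if required else 'no':3} {reason}")
```

The model makes the point of the thread visible: with MFA enabled, the mandatory list does not limit who is prompted, it only removes the trusted-network exemption for the listed users.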

Thanks Constantine.

This helps a lot.

Perhaps add to a FAQ for OO in case anyone else finds the “non bug” :)

Ivan

PLS close ticket and thanks for follow up
