Centralized MFA with 2022.3.x

FYI we do have a support ticket, but I wanted to start a conversation here. Ticket 00012262.

We were affected by the bug in the new version where MFA is enforced at the data source level, people could get in to change that MFA after upgrading, so many of us had to uninstall and reinstall the .2 version. Looks like .3 fixes that, but when the MFA screen pops up, all my MFA information is gone.

For one of our SQL data sources that we want to keep a little more secure, we're using Duo MFA enforced along with custom logins controlled through RDM versus standard SQL/AD creds. This lets me distribute the .rdd file, and then I have the users just edit it, change their user name in 3 spots, enter in their PW and DB passphrase, and we're good - all the MFA information for DUO in in that .rdd file.

My guess is that MFA is no long shared through the .rdd file? With the new .3 version, I imported an rdd file, and it didn't bring in the mfa info. I don't like the idea of distributing my Duo integration key and secret to users, and I think those have some kind of hash in the rdd file (please correct me if I'm wrong!). Is there a new way of centrally managing this for corporate deployments where we don't want users keying this information in?

Tom