Some users unable to use MFA to Log In after upgrade to Yokohama ReleaseIssue Following the upgrade to the Yokohama release, some users are unable to use Multi-Factor Authentication (MFA) when logging into the instance. This issue occurs even though MFA enforcement is introduced as part of the Yokohama upgrade.SymptomsUsers who were not required to use MFA prior to the Yokohama upgrade do not receive an MFA prompt after the upgrade.New users created in Yokohama who are not covered by any existing MFA policy also do not receive an MFA prompt.In both cases, affected users are still able to log in using only their local password, without any MFA challenge.ReleaseThis behavior has been observed in instances upgraded to the Yokohama release CauseThis behavior is due to the MFA enforcement logic introduced in the Yokohama release. According to the new logic: If a user was not previously enrolled in MFA before the upgrade and attempts to log in after the upgrade, the system will start tracking that user for 30 days (default period).During this tracking period, the user will receive a self-enrollment message, but MFA will not yet be enforced.After the 30-day tracking period, MFA enforcement will automatically begin.This tracking is recorded in the sys_user_mfa_enforcement_info table, where a unique entry is created for each tracked user.ResolutionTo enforce MFA immediately for a specific user, follow these steps: Navigate to the sys_user_mfa_enforcement_info table.Open the record associated with the affected user.Update the Status field from "Tracking" to "Enforced". This change will bypass the 30-day tracking period and immediately require MFA for that user upon their next login.Related LinksKB1700938 – Yokohama: MFA Enforcement logic KB1709783 – Understanding MFA enforcement behavior in Yokohama