Tangilla uses a trusted device list for each user to streamline the login process and bypass the SMS verification step. The list, which typically has a maximum of five devices, automatically replaces the oldest device with the newest one when a user adds a sixth device. This operates on a first-in, first-out (FIFO) basis. Your organization can determine the number of trusted devices you wish to allow. Just contact support to update this number.
The trusted device feature is powered by a browser cookie. When you trust a device, Tangilla places a unique cookie on your browser. On subsequent logins, your browser sends this cookie to our server. If the cookie's value matches one on your trusted device list, you'll skip the SMS verification. Otherwise, a one-time SMS code will be sent to your phone for verification.
The trusted device feature relies on your browser's ability to store cookies. It won't work if you're using:
The term "trusted device" is a bit of a misnomer. A more accurate term would be "trusted browser." Trusting a device in one browser (e.g., Google Chrome) does not extend that trust to another browser on the same device (e.g., Mozilla Firefox) because cookies are not shared between different browsers. This means you could potentially have multiple trusted browsers on a single device, each counting toward your device limit.
Note: the term "trusted device" and the implementation describe above is the same as the one used by Google.
| # | Question | Answer |
|---|---|---|
| 1 | What is Tangilla’s “trusted device” feature? | A per-user list that streamlines login and lets you bypass the SMS verification step when using a previously trusted browser. |
| 2 | How many devices can I trust at once? | The list typically has a maximum of five devices. |
| 3 | What happens when I add a sixth device? | The oldest entry is automatically replaced by the newest one (first-in, first-out/FIFO). |
| 4 | How does Tangilla recognize a trusted device? | By a unique browser cookie. When you trust a device, Tangilla places a cookie; on later logins your browser sends it, and if it matches your trusted device list, you skip SMS verification. |
| 5 | What if the cookie is missing or doesn’t match? | You’ll be prompted to verify with a one-time SMS code. |
| 6 | Is “trusted device” the same as “trusted browser”? | Practically, yes. Cookies are per browser, so trust in one browser (e.g., Chrome) doesn’t carry to another on the same device (e.g., Firefox). |
| 7 | Can I have multiple trusted browsers on one device? | Yes. Each browser can be trusted separately, and each counts toward your device limit. |
| 8 | Do trusted devices work in Incognito/Private mode? | No. Private/incognito windows delete cookies when closed, so trust won’t persist. |
| 9 | Can privacy extensions or settings break trusted devices? | Yes. Extensions or aggressive privacy settings that block or clear cookies will prevent the trusted-device cookie from being stored or remembered. |
| 10 | When will trust not apply? | Private/incognito windows; aggressive privacy settings/extensions; manual clearing of cookies/site data; fresh browser install, new profile, or OS refresh; and security overrides such as admin policies, role changes, password resets, or risk signals. |
| 11 | Does clearing cookies remove my trusted status? | Yes. Manually clearing cookies or site data removes the cookie needed to recognize a trusted browser. |
| 12 | Do I need to use the same browser and profile I trusted? | Yes. Cookies don’t cross browsers or profiles; you must use the same browser/profile that was trusted. |
| 13 | Will reinstalling my browser or OS affect trust? | Yes. A fresh install, new browser profile, or OS refresh clears cookies; you’ll need to allow the relevant domains again. |
| 14 | Why am I getting MFA every time even after trusting my device? | Check that you’re using the same browser/profile, not in Private mode, and that no extensions are blocking or clearing cookies. Also verify your organization hasn’t changed security policies that force re-verification. |
| 15 | How do I troubleshoot repeated SMS prompts? | 1) Use the same browser/profile you trusted. 2) Turn off Private/Incognito for sign-in. 3) Check privacy extensions and add your SSO login to the allowed domains list. 4) If you cleared data or reinstalled, allow the domains again. 5) Confirm org policies didn’t change to force MFA. |
| 16 | Who can force MFA even on a trusted browser? | Admin/security overrides—such as admin policies, role changes, password resets, or risk signals—can require MFA again. |
| 17 | Are cookies required for trusted devices to work? | Yes. The feature relies on your browser’s ability to store and return a cookie. |
| 18 | Does trust carry over between different browsers? | No. Trust is per browser; it does not carry over to other browsers on the same device. |
| 19 | Does trust carry over between different profiles in the same browser? | No. Cookies don’t cross profiles; each profile is separate. |
| 20 | Is Tangilla’s implementation similar to Google’s? | Yes. The term “trusted device” and the implementation described are the same as the one used by Google. |