Veeam Backup & Replication 13
Event Reference
ASK LLM
Ask ChatGPT
Ask Grok
Ask Perplexity
Related documents
Search

Code for Multi-Factor Authentication Already Used

Sent when a user enters a multi-factor authentication confirmation code that has already been validated. For more information, see Multi-Factor Authentication.

General Information

Event ID: 40207

Event message details: An attempt to use already validated MFA code has been performed for <UserName>

Severity: Info

Parameters

Parameter Name

Description

Example

UserName

Name of the user who performed an operation.

UserName="TECH\user1"

Endpoint

Mobile device where the attempt was detected.

Endpoint="[::1]:52182"

SID

User security identifier.

SID="S-1-5-21-670747961-1840839389-3357612639-1134"

VbrHostName

Backup server name. Can be a DNS name, an FQDN or an IP address.

VbrHostName="vbrsrv01.tech.local"

VbrVersion

Veeam Backup & Replication version.

VbrVersion="13.0.1.180"

Version

Event version (service parameter).

Version="1"

Description

Event message details.

Description="An attempt to use already validated MFA code has been performed for TECH\user1."

Syslog Message Example

1 2025-11-29T16:32:04.193345+02:00 VBRSRV01 Veeam_MP - - [origin enterpriseId="31023"] [categoryId=0 instanceId=40207 UserName="TECH\user1" Endpoint="[::1]:52785" SID="S-1-5-21-670747961-1840839389-3357612639-1134" VbrHostName="vbrsrv01.tech.local" VbrVersion="13.0.1.180" Version="1" Description="An attempt to use already validated MFA code has been performed for TECH\user1."]

Page updated 12/5/2025

Page content applies to build 13.0.1.180

View all results across Veeam Help Center
Back to document search