When your policy requires users have a more secure login experience, EmpowerID's multi-factor authentication (MFA) model gives you multiple options for applying MFA to people. Depending on your policy, you can require users to perform MFA against a wide variety of MFA Types or simply allow users to decide for themselves whether they want to protect their accounts with MFA.
| Info |
|---|
If the Password Manager Policy assigned to users has one or more required MFA Types assigned to it, users must use those types in addition to their regular logon methods. Setting an MFA Type directly on a person only has effect when that MFA Type is not required on their Password Manager Policy. |
To set multi-factor authentication on people
- On the navbar, expand Identity Administration and select People.
- Search for the person to whom you want to require MFA and click the EmpowerID Login link for that person.
This directs you to the View page for that person. View pages allow you to view information about a selected resource and manage that resource as is appropriate. - From the View page, click the Multifactor Authentication accordion to expand it and then click the Add (+) button in the grid.
In the dialog that appears, select the desired MFA Type from the Type drop-down, specify the Priority and then click Save.
Once EmpowerID processes the request, you should see a record for the MFA Type in the grid. As indicated by the record, the selected MFA Type is now required for the person. The additional factor must be completed by the user before access is granted.