In EmpowerID, multi-factor authentication (MFA) is a flexible, configurable points-based system with integrated Adaptive Authentication policies which can be authored in Workflow Studio. Administrators define a specific number of trust or MFA points, and apply those points to objects in EmpowerID to provide a target point number required to authenticate to EmpowerID, and to access any third-party applications secured by EmpowerID. Adaptive Authentication policies are applied in conjunction with the MFA Trust Point system and support complex context-based rules using on identity attributes, device info, and environmental attributes such as geo-velocity. These are a few of the objects to which you can apply these policies and rules: - Password Manager policies
- MFA methods
- IP address ranges
- Identity Providers
- Service Provider Applications
Tip |
---|
Depending on how you configure EmpowerID, you can require users to pass through a number of checkpoints and to submit additional biographic information before gaining access to resources. Checkpoints can include the user's IP address, the selected identity provider and the Password Manager policy assigned to the user. |
|