In EmpowerID, Passwordless login is a type of multi-factor authentication (MFA) that you can apply to Password Manager Policies to allow users with the policy to skip the password and login using only their EmpowerID user names or email addresses. This simplifies the login process for users by not requiring them to remember their passwords, while making their accounts more secure through multi-factor authentication.
To login using Passwordless login, users click the Passwordless Login link on the login page. This initiates the Passwordless Login MFA workflow, which asks the users to submit either their user names or passwords. This workflow has a boolean parameter named TargetUsePolicyMultiFactor, This parameter must be set to true for the workflow to continue. If true, the workflow then looks at the Password Manager Policy associated with those users—and based on the Passwordless Login MFA settings of that policy—asks each user to authenticate using one or more of the MFA types set for the policy until they reach the required number of MFA points to login.
From the above flow, we can see two main components of Passwordless login—the Passwordless Login MFA workflow and the Password Manager Policy. To successfully implement Passwordless login, you must configure both. This topic demonstrates how.
Next, expand the Multifactor Authentication accordion and ensure that the policy has enough Multi-factor Authentication types to reach the point threshold set in the above step.
To add MFA Types to Password Manager Policies, see Assign MFA Types to Password Manager Policies. |
Users will now be able to login using Passwordless login. For steps on using Passwordless login, see Using Passwordless Login