You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Set Multi-Factor Authentication

When your policy requires users have a more secure login experience, EmpowerID's multi-factor authentication (MFA) model gives you multiple options for applying MFA to people. Depending on your policy, you can require users to perform MFA against a wide variety of MFA Types or simply allow users to decide for themselves whether they want to protect their accounts with MFA.

If the Password Manager Policy assigned to users has one or more required MFA Types assigned to it, users must use those types in addition to their regular logon methods. Setting an MFA Type directly on a person only has effect when that MFA Type is not required on their Password Manager Policy.

Set multi-factor authentication on a person

  1. Navigate to the View or View One page for the person to whom you want to require multi-factor authentication. EmpowerID provides two main ways to do this. You can navigate to the page by searching for the person using the Global search bar at the top of the page (quickest), or you can navigate to the page by searching for the person using the Find Person page.



  2. On the View or View One page, expand the Multifactor Authentication accordion and then click the Add (+) button in the grid.

     

  3. In the dialog that appears, select the desired MFA Type from the Type drop-down, specify the Priority and then click Save.


    Once EmpowerID processes the request, you should see a record for the MFA Type in the grid. As indicated by the record, the selected MFA Type is now required for the person. The additional factor must be completed by the user before access is granted.