Passwordless Login

Owned by Phillip Hanegan
Feb 29, 2024
3 min read

EmpowerID's Passwordless Login feature is a convenient and secure form of multi-factor authentication (MFA) that allows users to bypass traditional password entry and log in using only their EmpowerID usernames or email addresses. This method simplifies the login process by eliminating the need to remember complex passwords while maintaining account security through MFA. EmpowerID offers a configurable Passwordless Login MFA workflow to fully utilize this feature.

Passwordless Login Process

When users initiate the Passwordless Login MFA workflow by clicking on the Passwordless Login link on the login page, they are prompted to submit their usernames or email addresses. The workflow proceeds only if the Boolean parameter TargetUsePolicyMultiFactor is true. Upon meeting this condition, the workflow evaluates the associated Password Manager Policy and prompts users to authenticate using one or more of the MFA types specified in the policy until the required number of MFA points is reached, thereby completing the login process.

To successfully implement Passwordless login, two main components must be configured: the Passwordless Login MFA workflow and the Password Manager Policy. By adjusting these settings, users can benefit from a streamlined login experience while maintaining the highest level of security for their accounts.

Configure the Passwordless Login MFA workflow

  1. Expand Low Code/No Code Workflow on the navbar and select Low Code Workflows.

  2. Under Workflow, search for Passwordless Login MFA and then click the workflow’s Display Name link.

     

  3. Expand the Request Workflow Parameters accordion and verify that the value for TargetUsePolicyMultiFactor is set to true. If the value is set to false, click the Edit button and change the value to true.

Configure the Password Manager policy

  1. On the navbar, expand Password Management and select Password & Login Policies.

  2. On the Policies tab of the Find Password Manager Policies page, search for the policy that you want to configure for Passwordless login and then click the Display Name link for that policy.

     

  3. On the Policy Details page that appears, click the Edit link.

     

  4. Select the Authentication Settings tab and then specify the minimum number of LoA points required for Passwordless login in the Min Passwordless Login MFA Point if Local and the Min Passwordless Login MFA Points if Remote fields.

     

  5. Save the settings.

  6. Return to the Find Password Manager policies page and search for the policy again.

  7. Click the Display Name link for the policy.

  8. Expand the Multifactor Authentication accordion and ensure that the policy has enough Multi-factor Authentication types with the necessary LoA points to reach the threshold set in step 4 above.

     

If the policy needs to have MFA Types added, follow the procedure discussed in the Assign MFA Types to Password Manager Policies topic.

 

Assign MFA Types to Password Manager Policies

End User Docs - Using Passwordless login