Set LoA points on Password Manager policies

Owned by Phillip Hanegan
Feb 29, 2024
2 min read

In EmpowerID, multi-factor authentication (MFA) is a flexible, points-based system that enables administrators to define the number of factors users must present during authentication and the weight or point value associated with each factor. Once users reach the predetermined point threshold, they gain access to the system. This threshold is specified in the Password Manager policies associated with users. Each policy contains several Level of Assurance (LoA) settings that can be configured to meet an organization's security requirements. The LoA settings related to MFA points include:

  1. Min Login LoA if Local – Determines the minimum number of points users within the local network must accumulate to authenticate.

  2. Min Login LoA if Remote – Determines the minimum number of points users outside the local network must accumulate to authenticate.

  3. Min Passwordless Login LoA if Local – Determines the minimum number of points users within the local network must accumulate for passwordless logins.

  4. Min Passwordless Login LoA if Remote – Determines the minimum number of points users outside the local network must accumulate for passwordless logins.

For each setting, LoA points start at 0, and administrators can increase them as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.

Set LoA points

  1. On the navbar, expand Password Management and click Password & Login Policies.

  2. From the Policies tab of the Find Password Manager Policies page, search for the policy to which you want to apply LoA points and then click the Display Name link for that policy.

     

  3. On the Policy Details page that appears, click the Edit link. Edit links have the pencil icon.

     

  4. From the policy's Edit page, click the Authentication Settings tab and enter the following point values as applicable:
    Min Login LoA if Local – Specifies the minimum number of points users within your local network must accumulate to authenticate.
    Min Login LoA if Remote – Specifies the minimum number of points users outside your local network must accumulate to authenticate.
    Min Passwordless Login LoA if Local – Specifies the minimum of points users within your local network must accumulate for passwordless logins.
    Min Passwordless Login LoA if Remote – Specifies the minimum number of points users outside your local network must accumulate for passwordless logins.

     

  5. Save your changes.