In EmpowerID multi-factor authentication (MFA) is a flexible, points based system that allows you to specify the number of factors that users must present when authenticating, as well as the weight or point value associated with each of those factors. When users reach the designated point threshold, they are granted access to the system. You specify this threshold on the Password Manager policies associated with your users. Each policy has a number of LoA (Level of Assurance) settings that can be configured according to your security requirements. Of these settings, those related to MFA points include the following:
For each setting, LoA points start at 0 and you can increase them as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.
Min Login LoA if Local — Specifies the minimum number of points users within your local network must accumulate to authenticate.
Min Login LoA if Remote — Specifies the minimum number of points users outside your local network must accumulate to authenticate.
Min Passwordless Login LoA if Local — Specifies the minimum of points users within your local network must accumulate for passwordless logins.
Min Passwordless Login LoA if Remote — Specifies the minimum number of points users outside your local network must accumulate for passwordless logins.
Set LoA points
On the navbar, expand Password Management and click Password & Login Policies.
From the Policies tab of the Find Password Manager Policies page, search for the policy to which you want to apply LoA points and then click the Display Name link for that policy.
On the Policy Details page that appears, click the Edit link. Edit links have the pencil icon.
From the policy's Edit page, click the Authentication Settings tab and enter the following point values as applicable:
▪ Min Login LoA if Local — Specifies the minimum number of points users within your local network must accumulate to authenticate.
▪ Min Login LoA if Remote — Specifies the minimum number of points users outside your local network must accumulate to authenticate.
▪ Min Passwordless Login LoA if Local — Specifies the minimum of points users within your local network must accumulate for passwordless logins.
▪ Min Passwordless Login LoA if Remote — Specifies the minimum number of points users outside your local network must accumulate for passwordless logins.Save your changes.