Multi-factor Options
Multi-factor Authentication
Following multi-factor authentication (MFA) methods are supported.
Authentication Method | Enabled | Description |
---|---|---|
One-time password (TOTP) | Yes | Time-based one-time password. Requires user to install Authenticator apps like Google Authenticator or Authy and sync secretes using barcode scanning. |
One-time password (HOTP) | No | HMAC-based one-time password. Requires user to install Authenticator apps like Google Authenticator or Authy and sync secretes using barcode scanning. |
Backup codes | Yes | Long-lived backup or recovery codes which can be saved somewhere safe for emergency use. |
Yes | One-time password sent by email. Avoid using this method if password recovery method is email-based. Requires verified email. | |
SMS | No | One-time password sent by email. Avoid using this method if password recovery method is SMS-based. Requires verified mobile number. |
Trusted Device | Yes | Allow user to trust the browser and skip two-factor authentication for next 30 days. |
FIDO2 and WebAuthn | - | Coming soon. |
important
- Multi-factor authentication is not supported for passwordless login.
- Multi-factor authentication can be enabled only at user level.
- A user need to opt-in before being asked for multi-factor authentication.
Multi-factor Options
Navigate to Tenant
and then find Multi-factor Options
panel under Tenant Settings
tab. You can enable or disable one or more multi-factor authentication methods and click Update Details
.
