Customizing the MFA Retry Limit

EmpowerID provides a configuration setting that you can use to limit the number of times users can incorrectly enter a passcode when using Device Registration, OATH tokens or EmpowerID One Time Passwords as authentication methods (MFA Types). By default the setting is configured to allow users a maximum of three attempts. If users exceed the retry limit, they see the following message:

You can leave this setting at the default or change it as needed. This article demonstrates how to do so.

To set MFA Retry Limits

  1. From the Navigation Sidebar of the EmpowerID Web interface, navigate to the EmpowerID System Settings page by expanding Admin > Miscellaneous and clicking EmpowerID System Settings.
  2. From the EmpowerID System Settings page, search for EidMultiFactorRetryLimit and then click the Edit button for the setting. Edit buttons have the Pencil icon.
  3. In the pane that appears, type the new retry limit in the Value field and then click Save. Do not change the Name of the setting.
  4. From the Navigation Sidebar, navigate to the Workflows page by expanding IT Shop and clicking Workflows.
  5. From the Workflows page, recycle the EmpowerID App Pools by clicking Recycle EmpowerID App Pools.