Setting the Multi-Factor Authentication Points Required by Password Manager Policies

In EmpowerID multi-factor authentication (MFA) is a flexible, points based system that allows you to specify the number of factors that users must present when authenticating, as well as the weight or point value associated with each of those factors. When users reach the designated point threshold, they are granted access to the system. You specify this threshold on the Password Manager policies associated with your users. Each policy has a number of MFA settings that can be configured according to your security requirements. Of these settings, those related to MFA points include the following:

  • Min MFA Points if Local Subnet - This setting is used to specify the minimum number of points users within your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.
  • Min MFA Points if Remote Subnet - This setting is used to specify the minimum number of points users outside of your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.

To set the Multi-Factor Authentication Points on Password Policies

  1. From the Navigation Sidebar, navigate to the Password Manager Policies management page by expanding Admin > Policies and clicking Password Manager Policies.
  2. From the Policies tab of the Password Manager Policies management page, search for the policy to which you want to apply MFA and then click the Display Name link for that policy.
  3. From the Policy Details page that appears, click the Edit link. Edit links have the Pencil icon.
  4. From the policy's Edit page, click the Authentication Settings tab and do the following as applicable:
    1. Type a value in the Min MFA Points if Local Subnet field. This setting is used to specify the minimum number of points users within your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.
    2. Type a value in the Min MFA Points if Remote Subnet field. This setting is used to specify the minimum number of points users outside of your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.
  5. When completed making your choices, click Save.