Setting Multi-Factor Authentication on People

When your policy requires users have a more secure login experience, EmpowerID's multi-factor authentication (MFA) model gives you multiple options for applying MFA to people. Depending on your policy, you can require users to perform MFA against a wide variety of MFA Types or simply allow users to decide for themselves whether they want to protect their accounts with MFA.

If the Password Manager Policy assigned to users has one or more required MFA Types assigned to it, users must use those types in addition to their regular logon methods. Setting an MFA Type directly on a person only has effect when that MFA Type is not required on their Password Manager Policy.

To set multi-factor authentication on people

  1. From the Navigation Sidebar of the EmpowerID Web interface, type the name of the person for whom you want to set MFA in the Person search field and then click the tile for that person.
  2. This directs you to the View page for that person. View pages allow you to view information about a selected resource and manage that resource as is appropriate.

  3. From the View page, click the Multifactor Authentication accordion to expand it and then click the Add (+) button in the grid.
  4. In the dialog that appears, select the desired MFA Type from the Type drop-down, specify the Priority and then click Save.
  5. MFA Types will only appear in the drop-down if they are added to the person's Password Manager Policy. For information on assigning MFA Types to Password Manager Policies, see Assigning MFA Types to Password Manager Policies.

    Once EmpowerID processes the request, you should see a record for the MFA Type in the grid. As indicated by the record, the selected MFA Type is now required for the person. The additional factor must be completed by the user before access is granted.