Multi-factor authentication (MFA)

Supported MFA Categories

• One-time Passcodes (OTP) One-time passcodes are the most popular additional security factor today, in part because they can be delivered in a wide variety of ways to meet user needs. This possession factor enables the user to receive the OTP and enter it into an application, proving that the user owns or controls the device or method of OTP delivery. OTPs are time-limited, and servers can restrict the number of instances a user can attempt to enter the correct OTP, making it an effective defense against the online credential stuffing attacks used to compromise passwords.
• SMS OTP SMS OTP is delivered via SMS to a user’s mobile phone. SMS OTP option has the advantage of not requiring a user to own a modern smartphone that supports mobile applications.
• OTP via Voice Voice OTP delivery happens via phone call to a number already associated with a user.
• OTP via Email OTP delivered via email is a viable second factor. It requires the user to switch to their email application from whatever application they were authenticating to and either remember the OTP code or copy and paste it into the authenticating application. Because of these limitations, email-based OTP is typically used to reset forgotten passwords. The user can prove they own the email account by responding to a time-limited link within the email.
• OTP Application/ Soft Tokens OTP Application/Soft Tokens are a software-only variant of the RSA/OATH tokens. They use the same interface as the hard tokens so that a single server-side implementation can leverage both hard and soft tokens. The software provides a rolling series of OTPs and can run as a mobile or desktop application.

Allowed Authentication methods