Global multi-factor authentication (MFA) methods overview

In the SecureAuth® Identity Platform, you can globally define which multi-factor authentication (MFA) methods are available for users to select and use for authentication. When you configure the default policy or add a new custom policy, the the global MFA methods that are enabled are included in the policy by default. You can then limit which global MFA method to use in a given policy. There must be at least one MFA method enabled globally at any given time.

Note

It is highly recommended that you set up your global MFA methods before adding applications.

60564615.png

The following table lists the available multi-factor methods and its configuration modes.

MFA method

Configuration mode

YubiKey

Yubico OTP

OATH HOTP

Authentication Apps

Timed passcode from app

Login notification

Biometric identification

One-time passcode

Text Message

Login confirmation link

One-time passcode

Email

Login confirmation link

One-time passcode

Voice Phone Call

One-time passcode

Security Questions

Security questions

PIN

Personal identification number

Symantec VIP

Timed passcode

Next steps

Globally define the MFA methods you want to make available to your end users during the login workflow.