Skip to main content

PIN global MFA settings

At the global level, configure the Personal Identification Number (PIN) method.Users enter a predetermined PIN, associated with their profile to authenticate into a resource.

You can limit the use of this MFA method in a policy.

  1. On the left side of the Identity Platform page, click Multi-Factor Methods.

  2. Click the pencil icon for PIN.

    The configuration page for PIN appears.

  3. To enable or disable the global PIN multi-factor method, slide the toggle On or Off.

  4. In the Configuration mode section, set any of the following configurations.

    Personal identification number (PIN)

    When the PIN multi-factor method toggle is On, it automatically enables the ability for a user to enter a predetermined PIN.

    PIN modes

    Select any of the additional PIN modes you want to use:

    • Open PIN – the PIN can be non-numeric and is not hashed

    • One-time use – the PIN is a one-time use static PIN that is cleared from the data store after a successful validation

    • Show when empty – select this option if the one-time use PIN is displayed as an option on the login page, but is inactive for use

  5. Click Save.

Next steps

Configure a policy to prompt users to enter a PIN in the login workflow. See Policy configuration - Multi-factor methods.