Multifactor authentication

After you upgrade to Identity Engine, learn about the changes to multifactor authentication (MFA).

Change summary Classic Engine: Factors represent the authenticator that a user uses to prove their identity when sign-on policies require more verification.

Identity Engine: MFA terminology has changed. For admins, factors are called authenticators. For users, they're called security methods. The term factor now refers to the category of authenticators and methods (like biometric or possession-based). Methods describe the technological means by which the authenticator helps provide proof of identity, such as a phone call or a one-time password.

Admin experience

To enable and configure authenticators, go to Security > Authenticators.

The MFA Enrollment policy is now called the authentication enrollment policy.

User experience

The Sign-In Widget remembers the user's last-used security method and displays it at the next sign-on.

Users can also select a different security method from the Sign-In Widget if they don't want to use the last-used one.

Identity Engine doesn't support security images.

Identity Engine has no Welcome Wizard.

The Sign-In Widget prompts users to enroll in both authentication and recovery factors.

Related topics Multifactor Authentication

About MFA authenticators