MFA options: end-user enhancements

Identity Engine changes the end-user MFA experience. Inform your users of the following changes:

  • Identity Engine doesn't support security images.
  • Identity Engine has no Welcome Wizard. The Sign-In Widget prompts users to enroll in both authentication and recovery factors.
  • Keep me signed in replaces the Remember me and Remember my device functionality. This feature enables a session that extends beyond browser lifetimes and remembers MFA authenticators from previous sessions. It also keeps a user signed in for the amount of time defined in the global session policy.
     Classic EngineIdentity Engine
    Sign-In WidgetSign-In Widget - Classic Engine.Sign-In Widget - Identity Engine.
  • In Classic Engine, factor describes the method the users select to perform multifactor authentication when signing in. In Identity Engine, factors are called security methods for end users.
  • Users can select the security method they want to use from the list on the Sign-In Widget. The Sign-In Widget doesn’t remember the last-used security method but always displays the entire list of security methods that meet the assurance requirements.
     Classic EngineIdentity Engine
    Multifactor authenticationSign-In Widget - authenticator - Classic Engine.Sign-In Widget - Select security method - Identity Engine.
    Select an authenticator/security methodSign-In Widget - Select an authenticator - Classic Engine.Sign-In Widget - Select security method - Identity Engine.

Related topics

Upgrade from Factor Sequencing to Assurance Models

Multifactor authentication enhancements