Multi-Factor Authentication (MFA) is a security-enhancing practice of requiring a person to perform more than one step, beyond email and password, for example, when logging into a system.
A person required to complete MFA triggers it by ...
- Initiating logging in, by providing a valid email address and password, from a device not remembered for MFA purposes.
- Initiating a password reset process and then providing a valid email address and password.
- Clicking a login in link on a device not remembered for MFA purposes.
This article will walk through the steps of Authentication App Verification.
Before You Begin
Review the MFA Feature Overview and Settings. If you choose to require admins or non-admins to use MFA, then you must decide which verification mode for them to use; email or authentication app.
Authenticator App
- The person provides a valid email address and password.
- The system displays a code entry screen and directs the person to open the app for code.
- The person enters the verification code.
- The system completes login, prompting for a new password if that is what triggered MFA.
If both email and authenticator modes are enabled, a "Try another way" link is shown.
Example: Code entry screen. Help text is from MFA Settings.
Related Resources
- Multi-Factor Authentication (Feature Overview)
- Multi-Factor Authentication Verification Mode: Email (Topic)
- Multi-Factor Authentication Settings (Overview)
- Multi-Factor Authentication Settings (Reference)
- Multi-Factor Authentication: Authenticator App (Overview)
- Multi-Factor Authentication: Audit Log
- Multi-Factor Authentication: Code Emails
- Multi-Factor Authentication: Log in as User
- Multi-Factor Authentication: Login Links
- Multi-Factor Authenication: "Remember Me"
- Multi-Factor Authentication: Troubleshooting