Multi Factor Authentication

Extra Layer of Security with Multi Factor Authentication

SSO1 gives high security against any kind of suspicious attempts to account any access with its Multi Factor authentication method. For this, it uses biometric authentication in addition to standard OTP-based authentication.

How SSO1 Challenges over Traditional Methods of Authentication

Biometric authentication makes sure that the hackers fail to access your account even if they have your login credentials along with the OTP codes sent to your registered phone through SMS. This is because they can’t feed your unique biometric fingerprints, only you can. Admin can easily fine-tune various settings to implement Multi Factor authentication in the organization. The user-friendly and clean interface of SSO1 is self explanatory to the admin. Let’s discover how easily admin can set the Multi Factor authentication feature:

How Multi Factor Authentication Works?

The Multi Factor authentication tab appears just below the self password option on the dashboard in Identity section. On selecting it, a new page, with all the authentication settings, pops up. The first field is for the Title, where you have to enter a unique policy title. The second one is an input box is for the Description, where the admin has to add some words about the policy. Then is the checkbox saying Enable to enable the policy.

After that, there are two options - Valid Always and Valid from (Start Date) - Valid to (End Date), which decides the period for which the policy is going to be applied. After this, you have to select the validation method; there are two options – OTP and Biometric. You can select either one or both the two options. In case, you select both the options simultaneously (OTP and Biometric) or OTP only, you can select the next checkbox saying Save Device, this is not mandatory. This allows users with the registered or saved devices to login without the Multi Factor authentication from next time. This was for OTP (only) and OTP plus biometric (both).

Now, when you select the Biometric Option (only) there arises three scenarios to be chosen from:

1. Always
2. Corporate Network
3. Remember User IP -
   • A. Block Access
   • B. Notify Admin & allow access
   • C. re-register IP

On selecting Always, the users will be asked for Multi Factor authentication on each login. Alternatively, if you opt for Corporate Network; all the users logging from the company’s network IPs will not be enforced for Multi Factor authentication. Remember User IP option again there are three more options provided, the users accessing the account with not registered IP address then for the three option, “Block access” will block to login from unregistered IP. If Admin select “Notify” option then user can login from unregistered IP but email notification is sent to admin. Finally if admin select Re-register IP option then the unregistered IP also get registered and not prompted for Multi Factor once get registered.