Managing user multi-factor authentication (MFA) enrollments
You can enable, disable, and delete a user's MFA enrollments.
About this task
Multi-factor authentication involves the use of a second factor, typically a system-generated code that the user must provide to prove their identity. Second factor authentication provides more security control on users when they sign on to any application that is developed and integrated with Verify. You can disable or delete an authentication factor when a compromise or device loss occurs.
|Factor||The multi-factor authentication enrollment such as
|Device||The method of access that was used for the MFA enrollment such as
|Device type||The type of hardware that the MFA enrollment is installed on. Supported for the IBM Verify factor only.|
|Device status||Indicates whether the device is enabled or disabled.|
|OS||The operating system of the device. Supported for the IBM Verify factor only.|
|App version||The version of the application that is being used for authentication. Supported for the IBM Verify factor only.|
|Dated added||The time stamp when the enrollment was added.|
|Last used||The time stamp when the authentication factor was last used.|
Ensure that the Users tab is the active tab.
- If the user is not displayed on the page, use the search function to find the user.
- Hover over the user and select the icon when it appears.
- On the user's page, select the MFA settings
tab. The MFA settings information is displayed. You can sort the details by any of the headings. See Table 1.
To manage an MFA setting, select a factor row and select the menu icon when it appears.
You can enable, disable, test, or delete an MFA enrollment factor. Typically, testing is performed for troubleshooting. If you select to test an MFA enrollment factor, an authentication code is sent and a message is displayed that indicates whether the test was successful.Note: You can test Email OTP, IBM Verify, and SMS OTP authentication factors only. You can't test a TOTP authentication factor.If you decide to delete a factor, you must confirm the operation by selecting Delete in the confirmation prompt.