FAQ - Multi-Factor Authentication
The ID Control Multi-Factor authentication provides an additional layer of protection to your logon by requiring you to use something you know (your username and password) and something you have (like a mobile authenticator that generates One-Time Passwords).
When you purchase a service (either Password Management, Single Sign-On management or the Combi-Package) you need to create a user in the Mutli-Factor Authentication platform. When you have created that user you can assign it tokens. What types of tokens are supported are explained in “Which types of login methods are supported?”. Once the users have tokens assigned to them they can use the Strong Authentication to login to their services.
With the ID Control Multi-Factor Authentication you can use the following options:
– SMS (MessageID)
– OTP generating app such as (but not limited to) Google/Microsoft Authenticator, FreeOTP or Authy
– Hardware OTP generator, this is a small device with a display that generates One-Time Passwords.
– OTP by email (MailID)
If you are using SMS based One-Time Passwords you need to enter your phone number in the Multi-Factor Authentication platform and assign yourself an SMS token. When using an OTP generating app, create a “Software token” and then scan the QR code with your Authenticator app.
When you lose your hardware OTP generator you can login to the ID Control Strong Authentication user panel and set your token to “Lost”. You will be given a temporary password you can use instead of your OTP until you are given a new hardware token. The temporary password is valid for 10 days.
If you’ve lost your mobile phone you can login to the Multi-Factor Authentication platform to set your mobile token as “Lost”. This will create a temporary password you can use instead of your One-Time Password. The temporary password is valid for 10 days.