Requiring Multi-Factor Authentication

Tip: Require multi-factor authentication according to the level of access for a specific user class. For example, information system best practices and regulatory compliance typically require the use of these controls for administrator accounts --based on the business value and range of resources they manage.

You can require multi-factor authentication by registered user class. You can also exempt users individually.

Require multi-factor authentication controls. SETTINGS > Security Policies > User Auth > Multi-Factor Authentication
Exempt individual users from policy. USERS > username > User Profile - User Settings - User Authentication - Multi-Factor Authentication

Note: It is best practice to notify users of any security policies that alter the sequence of steps or information needed at sign on before you apply these controls.

Registered User Class	Level of Access/Function
Administrators	SysAdmins and Administrators User account creation. Organization/business group creation. Security policy settings. Other admin tasks...
File Administrators	Daily administration. Folder creation. File upload/download.
Users	Users and Users designated as GroupAdmins for a particular group. All users will need to verify identity at next sign on unless exempted. Users can elect alternate verification methods in user settings. Admins can allow users to remember verified devices as part of sign in.
Temp Users	Temporary users receiving Ad Hoc package notifications. Ad Hoc transfer must be configured for the current organization for this user class to be available.

Requiring Multi-Factor Authentication

See Also