Multi-Factor Authentication is an authentication method that requires successful verification of two or more pieces of authentication before a user is granted access to a website or application. This feature provides added security and minimizes the risk of invalid access.
Note: This is currently available with all Openpath Readers but the PIN function will only work with the Openpath Keypads. To use MFA with regular Openpath Readers you will need to create a custom Entry State and toggle “Enable Multi-Factor”.
Note: This is separate from MFA for your User Profile. For information on that please see Adding MFA (Multi-factor Authentication) to your User Profile for Security.
How does it work:
The Openpath admin enables multi-factor authentication by creating a custom entry state that includes selecting one of the following preset MFA entry states:
Standard Security MFA-PIN
Strict Security MFA-PIN
Note: MFA is set at the Entry State. You cannot override it with a user schedule, i.e An entry set to convenience will not follow a User Schedule that is set to MFA and vice-versa.
When enabled, the user will trigger the unlock using their PIN and a secondary trigger method such as 1FA/2FA mobile access, cards/fobs, and third-party Wiegand methods.
Failure to successfully authenticate using the PIN and the allowed second factor will result in a denied unlock event.
To use MFA or Multifactor Authentication on the Openpath Keypad please follow these steps.
Set the Default State on the entry to use one of the MFA States.
Make sure you turn off the Wave to unlock option on the entry the Keypad reader is associated with.
Note: Keypad entries should not have Wave to unlock enabled for MFA, it can trigger a false touch event.
Make sure the user has at LEAST 2 credentials.
The user will need to present 2 credentials to the reader.
They can use either one as the initial credential as long as they follow it up with the secondary.
Add Comment