The current Openpath Jira and Confluence instances will be migrated to the MSI On-Premise solution from August 9th-11th, the current platform will be set to read-only and all future usage will be in the Avigilon Instance. Please ensure access to MSI Jira & MSI Confluence, both are accessible through OKTA. For additional information and details please refer to the Atlassian migration page

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 27 Next »

Multi-Factor Authentication is an authentication method that requires successful verification of two or more pieces of authentication before a user is granted access to a website or application. This feature provides added security and minimizes the risk of invalid access. 

Note: This is currently available with all Openpath Readers but the PIN function will only work with the Openpath Keypads. To use MFA with regular Openpath Readers you will need to create a custom Entry State and toggle “Enable Multi-Factor”.

Note: This is separate from MFA for your User Profile. For information on that please see Adding MFA (Multi-factor Authentication) to your User Profile for Security.

How does it work:

  • The Openpath admin enables multi-factor authentication by creating a custom entry state that includes selecting one of the following preset MFA entry states:

    • Standard Security MFA-PIN

    • Strict Security MFA-PIN

Note: MFA is set at the Entry State. You cannot override it with a user schedule, i.e An entry set to convenience will not follow a User Schedule that is set to MFA and vice-versa.

  • When enabled, the user will trigger the unlock using their PIN and a secondary trigger method such as 1FA/2FA mobile access, cards/fobs, and third-party Wiegand methods.

  • Failure to successfully authenticate using the PIN and the allowed second factor will result in a denied unlock event.

To use MFA or Multifactor Authentication on the Openpath Keypad please follow these steps.

  • Set the Default State on the entry to use one of the MFA States.

  • Make sure you turn off the Wave to unlock option on the entry the Keypad reader is associated with.

Note: Keypad entries should not have Wave to unlock enabled for MFA, it can trigger a false touch event.

  • Make sure the user has at LEAST 2 credentials.

  • The user will need to present 2 credentials to the reader.

They can use either one as the initial credential as long as they follow it up with the secondary.

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.