Pricing  Get Quote

User Identity Verification

Safeguard user identities with advanced
multi-factor authentication.

Thank you for downloading!

Your download should begin automatically in 15 seconds. If not, click here to download manually.

  • Please enter a business email id
    By 'Start free trial', you agree to processing of personal data according to the Privacy Policy.

Multi-factor authentication for Active Directory user identities

Multi-factor authentication (MFA) helps reduce the attack surface and protects your business by requiring a higher level of identity assurance. It can be enabled for all users, and all systems—both cloud and on-premises applications and endpoints—in your network. You can leverage ManageEngine ADSelfService Plus to effectively and effortlessly deploy MFA in your organization and protect your business.

MFA for machine access

Secure access to machine (Windows, macOS, and Linux OS) logins with MFA.

Learn more


Allow users to securely access IT resources through a VPN, after a stringent authentication flow with advanced verification factors.

Learn more


Ensure secure access to OWA accounts by deploying strong authentication factors during logins.

Learn more

Offline MFA

Secure your offline remote users by enabling MFA for offline Windows logons.

Learn more

MFA for application access

Regulate enterprise application access via single sign-on (SSO) with advanced authenticators including biometrics, or YubiKey.


Enable users to perform self-service password reset (SSPR), and self-service account unlock only after they prove their identity via the enforced authenticators.

Implement MFA everywhere you need it

ADSelfService Plus enables IT administrators to trigger a preconfigured authentication workflow once a user initiates an endpoint login, password self-service, or SSO. Using this workflow, IT admins can enforce different authenticators for different sets of users, based on their OU, domain, and group memberships.

  • multi-factor authentication setting2
  • multi-factor authentication setting3
  • multi-factor authentication setting4
  • multi-factor authentication configuration1

Benefits of using MFA with ADSelfService Plus

Secure remote logon attempts

With hybrid work gaining popularity, ADSelfService Plus strongly secures both local and remote login attempts to servers and workstations so that they don't serve as gateways to various cyberattacks.

Defend against credential-based attacks

ADSelfService Plus' MFA helps tackle credential-based cyberattacks, including brute-force, password spray, and dictionary attacks. Stolen credentials from a successful phishing attack are rendered powerless when other advanced verification factors are enforced, like biometrics.

Comply with regulatory standards

ADSelfService Plus helps you meet compliance mandates, like the PCI DSS, NIST SP 800-63B, and HIPAA.

How does ADSelfService Plus verify Active Directory
user identities and related accounts?

Let's consider users trying to login to their Windows, macOS, or Linux machine. They initially enter their AD credentials and, after verification, are taken through ADSelfService Plus' admin-configured MFA process. Here's what happens next:

ADSelfService Plus in action

Supported authenticators

ADSelfService Plus offers a range of authentication factors to choose from, such as:


    Fingerprint/Face ID











For the complete list of supported authenticators, click here.


Secure user access with multiple authenticators
to prevent sophisticated cyberattacks.

Thank you for downloading!

Your download should begin automatically in 15 seconds. If not, click here to download manually.

  • Please enter a business email id
    By clicking 'Downloading', you agree to processing of personal data according to the Privacy Policy.


Why is MFA necessary?

MFA helps to secure user access to resources by enforcing multiple methods of identity verification besides the username and password method of authentication. When MFA is in place, hackers have no use for a stolen password since there will be other authentication factors that they will have to pass through to gain access to the resources.

What resources does ADSelfService Plus help secure with MFA?

ADSelfService Plus provides MFA to secure cloud application access through SSO; endpoint logons, like VPNs, OWAs, Windows, Linux,, and macOS; and self-service activities like password reset, account unlock, and password change. It supports 19 different MFA authentication factors from which admins can choose their preferred factors to present to their users.

How can you you enable MFA with ADSelfService Plus?

ADSelfService Plus simplifies MFA configuration for admins by providing an enriched, user-friendly console. It enables you to set up different MFA flows for different groups or departments in your organization. You can choose the number of authenticators that users must verify with for each activity, like self-service, application logons, and endpoint logons. ADSelfService Plus also makes the MFA enrollment process seamless for both users and admins.

How does ADSelfService Plus help you implement adaptive MFA?

ADSelfService Plus offers conditional access policies that help you fine-tune the access rules for IT resources, such as applications and endpoints, based on a user's location, IP address, time of access, and device used. You can preconfigure rules based on these factors and, depending on these rules, users are given MFA methods to verify their identities with.

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust
Email Download Link