Secure identities with
multi-factor authentication

Identity Manager Plus secures access to enterprise applications with MFA

  • 96%

    It is estimated that 96% of bulk phishing attempts are stopped by implementing an MFA solution. *

  • $4.45 million

    Without MFA, a data breach can cost a company up to $4.45 million on average instead of $3.26 million with MFA. *

  • 32%

    Worldwide, only 32% of organizations use MFA for all employees as a security measure. *

Only the
finest MFA techniques
for your organization

Identity Manager Plus provides top-notch MFA capabilities to secure your enterprise's resources.

Multiple MFA authenticators
Customizable MFA controls
MFA audit reports

Multiple MFA authenticators

Identity Manager Plus provides multiple MFA authenticators—including email verification, Google Authenticator, and custom TOTP authenticators—to verify users' identities when they log in to Identity Manager Plus or other applications. You can configure up to three authenticators for your users to verify with. During initial login, users will be guided to enroll into those respective authenticators.


Customizable MFA

Identity Manager Plus allows you to customize MFA for your organization with fine-grained controls, like allowing browser trust for a desired limited period, setting a time limit for MFA sessions, enforcing CAPTCHA codes during identity verification, and allowing users to add a secondary email address to their account for the email verification authenticator. You can also choose to enable backup verification codes for user account recovery.


MFA audit reports

Identity Manager Plus provides elaborate MFA reports that help you track details like users' MFA enrollment status as well as all MFA attempts made by users, along with timestamps and the outcome of each attempt. You can customize these reports by adding or removing columns, and by filtering necessary data. Moreover, the reports can be exported in various file formats—like PDF, CSV, XLS, and HTML—for further analysis.


How MFA works in Identity Manager Plus

Here's how MFA works when a user tries to access Identity Manager Plus or any application:

  • A user may try to access an application either directly or from Identity Manager Plus' dashboard using SSO.
  • They will have to verify their identity in either case, so they will be redirected to Identity Manager Plus' login page.
  • Primary authentication in Identity Manager Plus happens via the user's associated directory through the OpenID Connect (OIDC) protocol.
  • After successful completion of the primary authentication, Identity Manager Plus performs secondary authentication using the configured MFA authenticators.
  • Upon successful completion of MFA, the user gains access to Identity Manager Plus and other enterprise applications assigned to them through SSO.

Why secure
identities with MFA
using Identity
Manager Plus?

Compatible with multiple directories

For primary authentication, Identity Manager Plus lets you choose your own preferred directory—like Azure AD, Google, and Salesforce—which your users may already be a part of.

An interactive, user-friendly UI

Identity Manager Plus makes MFA configuration and enrollment easy for admins and end users, respectively, with a simple and easy-to-understand UI.

Security against cyberthreats

Identity Manager Plus' MFA-secured SSO helps defend against various credential-based attacks, while also providing easy application access to employees.

Why does your organization
need to secure identities with MFA?

Having unsecure user identities can expose your enterprise's resources to risk. MFA can thwart unauthorized access and protect your organization's sensitive data against attacks. Identity Manager Plus secures organizational identities and safeguards end user access to your enterprise's applications and other resources, with modern MFA techniques.

Secure user identities with multi-factor authentication

Frequently asked questions

1. What is the difference between MFA and SSO?

Multi-factor authentication (MFA) is an identity security measure where a resource—for instance, an application—is secured using multiple authentication methods, and any user accessing the resource must authenticate themselves with those methods to gain access to it.

Single sign-on (SSO) is the process of granting users access to multiple resources after a single round of identity verification. After initial authentication, they can directly access all resources assigned to them for a stipulated time without reauthentication.

2. Why do we need to secure SSO with MFA?

Since SSO provides one-click access to multiple resources after a single round of identity verification, it is essential that this identity verification process carries utmost security. Implementing MFA secures SSO with additional authentication methods besides usernames and passwords, and defends against potential attacks.

3. Which authentication methods can be used to implement MFA?

There are multiple authentication methods that can be used to implement MFA. Some examples are SMS verification, email verification, push notification, QR code, time-based one-time password (TOTP), smart card, YubiKey, Google Authenticator, Duo Security, RSA SecurID, and biometric verification.

4. How does MFA work with SSO?

A user may try to access a resource—either directly or through the identity provider (IdP)—using SSO. In both cases, they will have to verify their identity with multiple authenticators, which may differ in number and type based on the organization's settings. Upon successful completion of MFA, the user gains access to that particular resource and other resources assigned to them through SSO.

5. How do I implement MFA for application logins in my organization?

You can implement SSO with Identity Manager Plus, which secures all application logins with modern MFA methods. It provides fine-grained controls—like allowing browser trust for a desired limited period and usage of CAPTCHA codes during identity verification—to tailor MFA for your organization. For primary authentication, you can choose your preferred directory, like Azure AD, Google, and Salesforce, which your users may already be a part of. With the help of MFA reports, you can track details like users' MFA enrollment status and all MFA attempts made by users along with timestamps.

To gain a better understanding of MFA-secured SSO with Identity Manager Plus, please schedule a personalized web demo with our solution experts.

Featured resources

Administrator's guide

A handbook for admins to discover and leverage Identity Manager Plus' capabilities.

Learn more

A brief overview of how Identity Manager Plus is tailored to benefit your organization.

Learn more
Product updates

Upcoming features, enhancements, and other updates planned for Identity Manager Plus.

Learn more

*Source: Google, IBM, and Okta