|Login workflow||Journey description|
|Username → MFA → Password|
This requires the Strivacity admin to provide the username as the identifier, then an MFA method (as defined within the Multi-factor Authentication section of the policy), and then the Password.
Advantage This workflow leverages the MFA method to prevent an attacker from locking out the admin account by exceeding the permitted number of password attempts.
|Username → Password → MFA||This requires the Strivacity admin to provide the username as the identifier, and then they will be required to provide their password, followed by the MFA method (as defined within the Multi-factor Authentication section of the policy).|
|Passwordless (Username → MFA)|
The passwordless login workflow will not require the Strivacity admin to provide a password at all. The username is still used as the identifier, however, instead of using a password this will only require an MFA method to be used.
|Username → Password (single factor only)||Not recommended! Please do not protect your Strivacity instance using just a username and password!|
Passwordless workflow If an admin hasn't enrolled yet in an MFA method or step-down rules apply to the geographical region or IP address they are accessing your applications from, they will be asked to provide their password for authentication.
Updated 4 months ago