Get started with Multi-factor Authentication

This topic provides references to get started applying MFA to control authentication to different features and services.

What do you want to configure multi-factor authentication (MFA) for?

Service or feature MFA benefits
User Portal You can specify that users provide more than one authentication mechanism to access the User Portal. For example, you can specify that users logging in from a certain country provide additional authentication. See MFA for the User Portal.
Web application access You can require users to MFA anytime they access the application from the User Portal or only under certain conditions -- they are accessing the application from a specific country for example. See MFA for web application access.
VPN connection You can use CyberArk Identity with your RADIUS client to provide a second authentication layer. For example, if a VPN concentrator uses RADIUS for authentication, you can configure email as a secondary authentication requirement. See MFA for VPN (CyberArk Identity Connector as a RADIUS server).
Some authentication mechanisms require additional configurations before users can authenticate using those mechanisms. Make sure your users complete the configuration requirements for any mechanism you plan to use. Refer to Authentication requirements for more detail.