The purpose of the section "Authentication" is to provide the system administrator with with policy settings that determine when multi-factor authentication is required.

image-2025-4-3_13-31-44.png



This setting determines if user authentication is required when logging in;

  • Multi-factor authentication is not required for all users
    This option means that all users will be exempted from 2FA or MFA. This option is typically used to exempt a group of users from 2FA or MFA.

  • Multi-factor authentication is required for users with tokens only
    This option means that users who have a 2FA/MFA token in their account will be enforced to login with 2FA/MFA, while those users who do not have a token 2FA/MFA token will be exempted from 2FA/MFA in the logon process. .
  • Multi-factor authentication is required for all users

    This option means that all users will be enforced to login with 2FA/MFA

    Please note that users in the context of a policy include users in the scope of the policy only, i.e. the policy holder.

This option allows the administrator to specify if authentication can be skipped on subsequent logon attempts (for the specified length of time).

If this value is set to zero, then the feature is disabled, and authentication skipping does not take place.


If authentication skipping is enabled, this setting will determine if the password is kept (and the second factor skipped), or if all factors are skipped;

  • Skip the second factor and keep the password
    The second factor is skipped, but the password is kept.

  • Skip Al factors including the password
    All factors are skipped.

If this checkbox is ticked, then name guessing will be prevented (the user will not be informed if the username he supplies is known).

if this checkbox is enabled then a CAPTCHA will be presented during logon (to ensure a human is supplying the authentication factors).

  • No labels