Multi-factor authentication (MFA) is an approach to authentication which requires two or more of the three authentication factors:
-
A knowledge factor is something only the user knows, such as a password.
-
A possession factor is something only the user has, such as a mobile phone or government PIV card.
-
A inherence factor is something only the user is, such as a finger print.
When only two of the factors are required for the authentication, the approach is also referred to as Two Factor Authentication (TFA or 2FA). Before 11.0, HxGN EAM of earlier versions only supports one factor authentication – the knowledge factor (password) though it can be against EAM database, LDAP server or ADFS server (SSO).
The Federal Information Security Management Act (FISMA) gives information security standards and guidelines for federal information systems. On the authentication of federal information systems, FISMA requires multi-factor authentication. In order to comply with this requirement, HxGN EAM has implemented its solution of MFA.
HxGN EAM MFA Solution provides customers an option of requiring users of HxGN EAM another authentication factor in addition to password. The option is configurable by an install parameter. When this parameter is turned on, the MFA authentication will be enabled – HxGN EAM will authenticate the user by the password together with other factor(s).
With the HxGN EAM MFA solution, the additional authentication factor is of customer choice. It can be a time-based, one-time password or use of a government PIV card, etc. The way to achieve this is to allow the customer to implement the authentication of additional factor and to configure the implementation through an install parameter.