Multi-Factor Authentication Service

Identity Assurance for Privileged Access

Each year hackers create new vulnerabilities, exploits, and tools to evolve their attack strategies and breach enterprise defenses. Centrify Platform’s risk-based multi-factor authentication (MFA) stops these attacks in their tracks with a layered approach to security that spans all privileged access.

MFA Everywhere You Need It

mfa at vault

Adaptive MFA for privileged access blocks cyber-attacks at multiple points in the attack chain — and protects even when credentials are compromised.

Simplify and Secure

Stop in-progress attacks leveraging stolen credentials

Simplify with one MFA solution for all privileged access

Dynamic policies that won’t disrupt productivity

MFA Authenticators

Broad Authenticator Support

Authentication Profiles determine whether to challenge a user with one or two factors and which authenticators to present to the user.

  • Push notification to phone or smartwatch
  • Security questions
  • Interactive phone call
  • Text (SMS) message confirmation code
  • Email confirmation code
  • OATH-compliant tokens
  • Third-party RADIUS authentication
  • FIDO U2F and FIDO2 security keys

Flexible MFA Policy Service

Centrify Platform’s MFA Authentication Service enforces identity assurance for all privileged access. Flexible MFA policies apply authentication profiles based on privileged access type – server login, privilege elevation, or vault services. Authentication profiles define acceptable factors and whether to require one or two. Policies also specify grace periods where repeated MFA challenges are not required.


Behavior-Based MFA for Session Initiation and Password Checkout

Identify anomalous behavior in real-time — not tomorrow or next month — by enforcing behavior-based policies. With a combination of risk-level, roles, and MFA, Centrify Platform automates informed decisions on granting privileged access. Dynamic policies protect critical infrastructure when users' credentials are compromised by prompting for a second factor or denying access.

mfa mobile

Centrify Mobile App

Centrify Mobile App for iOS and Android provides a convenient alternative user interface for MFA notifications and workflow requests for approval. Centrify Mobile App also provides an interface to manage OATH-compliant OTP tokens where the seed or secret is vaulted. These OTP tokens can be used with services that enforce OATH-compliant MFA such as the AWS® Management Console.

Ready to Protect Against the #1 Attack Vector?

Click here for more information about our products, pricing, demos, and more.

Contact Us