Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is a mandatory security layer for all DriveHub users. It requires users to provide more than one credential to verify their digital identity during the login process. Factors are categorized as something you are (biometrics), something you know (passwords), or something you own (devices).
About MFA Factors
MFA enhances application security by ensuring that a compromised password alone is insufficient for unauthorized access. DriveHub supports various factors, including industry-standard authenticator apps and physical security keys.
Starting with DriveHub version 2.39.x, legacy OTP codes via email are no longer supported. All users must configure MFA, regardless of whether the firm utilizes SSO or Basic Authentication.
Step-by-step: Initial MFA Enrollment
- Select Provider: Upon your first login to DriveHub v2.39.x+, select your preferred MFA provider.
- Configure App: Open your chosen authenticator app (e.g., Google Authenticator) on your mobile device.
- Scan QR Code: Use the app to scan the QR code displayed in the DriveHub web interface.
- Verify Code: Enter the 6-digit code generated by the app into the "Enter your one-time code" field in your browser.
- Complete Setup: Click confirm to finalize the configuration.
MFA Requirement DriveHub requires MFA for every login session by default. Users may select Remember this device during login to reduce the challenge frequency to once every 30 days.
MFA Providers & Compatibility
DriveHub implements industry-leading MFA solutions to provide a balance between high security and user experience.
Factor | Description |
|---|---|
Okta Verify, Google Authenticator,Microsoft Authenticator, Authy, or Okta Verify Recommended | Familiar & Standard: This is the industry-standard "code" method. Users probably already use it for other apps. No network connection is required. |
FIDO/WebAuthn (Platform) The "easy and seamless" user (e.g., using a MacBook with Touch ID or Windows Hello). | Highest Security, Zero Friction: The fastest way to log in. No codes to type, no devices to carry (if using a platform authenticator). It's literally a fingerprint scan on the user's existing machine. |
FIDO/WebAuthn (Roaming) | Unphishable: The gold standard of security. Perfect for highly sensitive accounts. A physical key is impossible to phish. |
Push Notification (Auth0 Guardian) | Best Balance of Security & Simplicity: Users just tap, "Approve" on their phone. Much faster than typing a 6-digit code. Eliminates typos. Requires network connection. |
About FIDO/WebAuthn
FIDO (Fast Identity Online) is a set of security standards for strong authentication. Platform authenticators are built into the device (biometrics), while roaming authenticators are external hardware keys that can be used across different devices.
Updated about 2 months ago