Means of authentication

Introduction

On the means of authentication page a user can manage his own communication and authentication devices and settings depended on the systems configuration.

Settings

A user has the option to choose a preferred MFA logon method. He can choose any method that he has configured. This setting will be used to choose the appropriate method if multiple are available. For example if an application requires an authentication with a Level of Authentication that includes multiple entries such as pwd + mail otp and pwd + sms otp, it will automatically choose the later if a user has configures sms otp as his preferred MFA logon method.

This will not require the user to use this MFA method on any logons. If a user wants to enforce the usage of a MFA method, he can do so on the Account and Security page.

Email addresses

The email addresses list contains all email addresses of the user. He can add, edit and remove email addresses and set a display name to existing ones. The display name is particularly useful to further identify an email address. Note that all email addresses listed here are verified. The user can not add an email address without verifying it first.

Phone numbers

The phone numbers list contains all phone numbers of the user. He can add, edit and remove phone numbers and set a display name to existing ones. The display name is particularly useful to further identify a phone number. Note that all phone numbers listed here are verified. The user can not add a phone number without verifying it first.

Authenticator Apps (TOTP)

The authenticator apps list contains all authenticator apps of the user. He can add, edit and remove authenticator apps and set a display name to existing ones. The display name is particularly useful to further identify an authenticator app as the entry is not self explanatory like an email address or a phone number. Note that all phone numbers listed here are verified. The user can not add a phone number without verifying it first.