Enable Multi-factor authentication
(glide.authenticate.multifactor) |
Option that enables
users
and administrators to use this
feature. The default is enabled. To
learn more about this property, see Enable multi-factor authentication (MFA) (instance security hardening) in Instance Security Hardening Settings. |
Number of times a user can bypass multi-factor
authentication
(glide.authenticate.multifactor.setup.bypass.count) |
Number
of times that a user can choose to skip the setup of
MFA. Your users can still log in to
the instance even if they don't have their mobile device
with them. If you disable this feature and then reenable
it, the counter starts over again. The default is
3. |
The time in minutes, the one time code sent to user's
email address is valid for
(glide.multifactor.onetime.code.validity) |
Number
of minutes that the reset code is
valid. See Log on with multifactor authentication. The
default is 10. |
Additional time in seconds for which the code will be
valid to accommodate for the clock skew. Max value is 60
seconds.
(glide.authenticate.multifactor.clock_skew) |
Number
of additional seconds that the reset code is valid. The
maximum is 60.
The default is 10. The instance validates the code
entered by the user against the single app-generated
code that is generated at the current
time . You can skew the time window with
this property and allow one or more codes to be
generated during a time window to be considered
valid. The property's value is used in the
following calculation: current time -
x/2 and current time +
x/2 , where 'x' is the value of this property.
If you use the value of 10 , for
example, the instance considers any codes that are
generated by the app between the time range [the
current time - 5 seconds] and
[current time + 5 seconds] to be
valid. Use this property to prevent log in issues
where the user is unable to enter the correct code
in the default time allotted. |
Enable Device Fingerprinting |
Set
your instance to prompt MFA when a user logs in from a
new device or browser. The default is
yes. |
The Time in hours, the device will be remembered and
MFA screen exempted. |
Time
span in hours that a browser remembers an MFA login.
MFA
does not prompt a user for authentication during the
specified time period. The default is
8 hours. |