Centrify Zero Trust Privilege Services support the broadest range of authenticators to provide the flexibility to support authenticating your IT staff using the most convenient form factor as well as to enable you to leverage existing MFA systems and authenticators that you may already have.
Authenticators supported by Centrify include:
Mobile Push Notifications
Mobile Push Notifications to the Centrify Mobile App for iOS and Android with simple swipe after unlocking to verify the authentication.
One or more Security Questions can be used as the simplest form of authentication using something the user knows.
Phone Call with PIN Verification
Phone Call with PIN Verification can be used with any phone number available from the enterprise directory, mobile, office or home phone number, just validate the PIN once you answer the phone.
OATH Tokens such as managed by Google Authenticator or Centrify Mobile App can be used for validating the user.
One Time Passcode Servers
One Time Passcode Servers can also be used with the Centrify Zero Trust Privilege Services via RADIUS integration to take advantage of your existing MFA system whether that be RSA® SecurID™, Duo Security® or Symantec® VIP.
FIDO U2F Security Keys
FIDO U2F Security Keys represent a super simple solution to deploy that also provides the highest security assurance when combined with the user’s password.
Smart Cards can also be used to authenticate to the Centrify Zero Trust Privilege Services to provide the highest assurance level once validated and verified against your corporate directory.
CENTRIFY MOBILE APP FOR PUSH NOTIFICATION AND WORKFLOW
The Centrify mobile App for iOS and Android provides the privileged user with a simple interface to receive MFA notifications or workflow requests for approval. The Centrify Mobile App also provides an interface to enable the user to manage OATH tokens where the seed or secret is vaulted by the Centrify Zero Trust Privilege Services to support user validation of OTP codes, as required by various privileged applications or services that enforce their own OATH-compliant MFA validation such as the AWS® Console.
MFA FOR RADIUS CLIENTS
Centrify also supports providing multi-factor authentication (MFA) services for network devices such as routers, switches or firewalls where administrative access should require MFA prior to privileged user access.