Increase Assurance with MFA at Vault to Minimize Risk
Privileged user access requires multi-factor authentication (MFA) to comply with regulations and ensure that only authorized human users access privileged accounts and systems versus malware or bots impersonating your IT staff. Centrify provides MFA capabilities from the simplest of authenticators to the most advanced and aligns with NIST Authenticator Assurance Level 2 or 3. Centrify can trigger MFA during vault login, password checkout, SSH key and secret retrieval, and login session initiation.
Ensure Compliance with Robust MFA Services

MFA for Vault Operations
Authentication policies define the factors required for vault access based on the user's context when logging into the Centrify Vault Suite. Centrify Platform provides multi-factor authentication (MFA) or step-up authentication for various vault operations such as account password checkout or privileged account login.

Native Support for Advanced Federated Authentication
Users can authenticate from an external authentication system into the Centrify Vault Suite via Active Directory with Kerberos/IWA or via an Identity Provider (IDP) such as Okta®, Ping Identity® or Microsoft® ADFS or Azure™ using SAML. Third parties such as outsourced IT support, external developers, or vendor support can authenticate their staff internally and access the Centrify Vault Suite via federation to eliminate manual account management for third-party access to your sensitive systems.