Multi-factor Authentication (MFA) helps secure access to the resources you use every day by asking you to prove who you are with multiple factors. When MFA is enabled, you have to prove who you are with something you know, like a username and password, something you have, like a security key, and something you are, like a fingerprint.
When your IT Admin requires you to use MFA, you need to provide your username and password and an additional factor to log in. You may be required to use one or more of the following MFA Factors with your JumpCloud user account:
- Verification Code (TOTP) MFA
- Security Keys
- Duo Security MFA
- Push MFA
About Verification Code (TOTP) MFA
Verification Code (TOTP) MFA uses authentication codes called Time-based One Time Passwords (TOTP). These codes are generated from an authenticator application on a mobile phone or computer, like Google Authenticator or Yubico Authenticator.
When you log in to a resource that’s guarded by TOTP MFA, you need to provide your username, password, and a TOTP code generated by the authenticator application on your phone or computer.
Using Verification Code (TOTP) MFA
Your IT Admin decides where you use TOTP MFA, but you may be asked to use TOTP MFA when you log in to the User Portal, RADIUS, and Mac, Linux, and Windows systems.
You can set up and find your TOTP MFA status when you go to the SECURITY tab in the User Portal.
To learn how to use TOTP MFA:
- Using TOTP Multi-factor Authentication with Your JumpCloud User Account
- How to Use Google Authenticator with JumpCloud TOTP MFA
About Security Keys
A security key is a device that often looks like a USB drive that’s used with MFA.
When you log in to a resource that’s guarded by a security key, you must provide your username, password, and security key.
Using Security Keys
You can use security keys to log in to the User Portal and SSO applications and to verify password resets made from the User Portal.
You can set up and find your security key status when you go to the Security tab in the User Portal.
To learn how to use security keys:
About Duo Security MFA
Duo Security MFA lets you log in to a resource using push notifications, phone callbacks, and mobile passcodes provided by Duo. Your IT Admin chooses the authentication options you have for Duo Security MFA.
When you log in to a resource that’s guarded by Duo Security MFA, you need to provide your username, and password, and choose an authentication option. Then you provide the factor that’s required for authentication.
Using Duo Security MFA
You can use Duo Security MFA to log in to the User Portal and SSO applications and to verify password resets made from the User Portal.
You only see Duo Security MFA when you choose to use it to log in to a resource. You don’t see it in the User Portal.
To learn how to use Duo Security MFA:
About Push MFA
Push MFA is a type of solution that sends a notification to your mobile device after you’ve logged in to a resource with your username and password. When you click the notification, you’re asked to accept or reject the login request. When you click Accept, you gain access to your resource.
Typically you have to download an app when you set up for Push MFA. To use Push MFA with your JumpCloud user account, your admin has you download JumpCloud Protect.
Learn more about the JumpCloud Protect app.
Using Push MFA
Use Push MFA to log in to your User Portal and SSO applications.
You can set up and find your Push MFA status when you go to the Security tab in the User Portal.