Use Case
If a user upgrades or misplaces a required mobile device or a required QR Code, they are unable to authenticate to RapidIdentity until that device or code is reconfigured, found, replaced, or until an administrator can temporarily adjust the authentication policy. The elapsed time affects productivity for the user, associated team members, and anyone else involved to remedy this situation.
The advantage of providing users with a choice during the authentication process is that it does not require users to be dependent on a device or token during the authentication process and it saves time in the event an instance occurs when a user cannot authenticate with a policy-dependent device or token. If the policies are configured to include multi-factor authentication, users can still authenticate to RapidIdentity securely through all policies.
For example, an organization may have these three ordered policies.
PingMe
QR & Challenge
Password & Challenge (default)
PingMe requires a mobile device with the RapidIdentity Mobile application installed. The QR Code must be printed and on hand to present to the QR Code reader. If either the mobile device or QR Code is absent, the user cannot authenticate to RapidIdentity. With the Enable Authentication Policy Choices checkbox selected, a user matching either of the first two policies could then select option 3 to authenticate successfully.