Introducing Enrollment Periods for MFA

Written by Scott Nusz on November 7, 2018

Share This Article

How are you making the tradeoff between user convenience and security in your organization?

As IT administrators, you are stuck between a rock and a hard place: be the guardian of your company’s most critical digital assets, while also ensuring that your IT infrastructure does not artificially impede your users’ access to the resources they need every day.

One of the best ways to increase security is to ensure your users are utilizing multi-factor authentication (MFA), preferably with two factors: something the user knows, and something the user has. Since 2012, there has been tremendous growth in two-factor or multi-factor authentication, and along the way the world has learned the downside of multi-factor: usability challenges.


At the end of the day, you are left with this question: is requiring MFA worth it for your organization? If you need the best security available, you must be willing to sacrifice some usability. If your organization isn’t as security conscious, you may choose usability over increased security. Yet both security and usability are critical. These are tough choices.

At JumpCloud, we are working to make that tradeoff a little easier.

JumpCloud has long offered TOTP-based MFA for your users, securing their identity as well as resources from Administrative and User Portals to Macs and more. With JumpCloud MFA you can secure your employee identities across multiple resources using a single MFA token generator, making it easier to access everything without fumbling with multiple MFA solutions.

Now we are introducing better ways for you to rollout MFA at your organization – ways that acknowledge that you don’t live in a world of one-size-fits-all, and that streamline the challenge of MFA setup for your users.

Introducing Enrollment Periods

Releasing this month, JumpCloud will be introducing new workflows to enable users for MFA, giving you dramatically more control and visibility in the MFA enablement process while providing your users a more flexible and streamlined experience.

We are making it easier for admins to enable MFA without disrupting users by providing a flexibility timeframe for setting up MFA. We call this timeframe an ‘enrollment period’. With enrollment periods, you can select the specific number of days a user has until they must have MFA set up – anything from 1 day to 1 year, on a per user basis.

This means you can now give your finance users 2 days to set up MFA, your intern 30 days, and your CEO 90 days; the possibilities are practically limitless. Depending on how you want to strike the balance between security and convenience, it’s up to you to determine what works for your organization.

Along the way, we are making it even easier to set up MFA for users who are in an enrollment period. Now your users can complete their MFA setup any time they log into the user portal, find applications to generate TOTP keys directly from the setup process, and more. The setup process takes three easy steps, and it’s never been easier to get up and running with MFA on JumpCloud.

Learn More About JumpCloud

With these new tools at your disposal, we hope you can make the leap to improved security when it’s appropriate for your organization, and, if you have already made the leap, these tools should make it easier to work with MFA in your day to day.

To get started, learn more about JumpCloud MFA, dive into details about about Enrollment Periods, and keep on the lookout for this feature in our Administrator Portal in the near future.

Continue Learning with our Newsletter