Subscribe to Support RSS Feed
Use Multi-factor Authentication with JumpCloud to secure user access to your organization’s resources. Admins can use Verification Code (TOTP) MFA, Duo Security MFA, WebAuthn MFA , and Push MFA to strengthen security in their organization.
Once MFA is configured, you can require MFA for your users when accessing JumpCloud resources:
- User Portal login
- Admin Portal login
- Devices login
- Cloud RADIUS authentication
- Cloud LDAP
- SSO Applications
- Password reset
TOTP
Verification Code (TOTP) MFA uses authentication codes called Time-based One Time Passwords (TOTP). These codes are generated from an authenticator application on a mobile phone or computer. We recommend using JumpCloud Protect for TOTP, but other apps, like Google Authenticator or Yubico Authenticator, can also be used.
Push (JumpCloud Protect Authenticator App)
With Push MFA, users can authenticate with a push notification that’s sent to their mobile device.
When a user logs in to a resource that’s protected by Push MFA, they need to provide their username, password, and approve the login request from a push notification they get on their mobile device.
Push MFA requires users to download the JumpCloud Protect app on their mobile device. Learn more in JumpCloud Protect for Admins.
Duo Security
Duo Security MFA lets users authenticate using push notifications, phone callbacks, and mobile passcodes provided by Duo. Admins can choose the authentication options users have for Duo Security MFA.
When a user logs in to a resource that’s guarded by Duo Security MFA, they must provide their username, password, and choose an authentication option. Users then provide the factor required authentication method.
WebAuthn
WebAuthn MFA lets users authenticate using security keys like YubiKey and Titan, or with a device authenticator, which is usually a device biometric such as Apple Touch ID or Windows Hello.
When a user logs in to a resource that’s guarded by WebAuthn MFA, they must provide their username, password, and their security key or device authenticator.