Two Factor Authentication

Multi-factor Authentication (or MFA, Two-Factor Authentication or 2FA) is a simple best practice that adds an optional layer of security to your user login. With MFA enabled, when a user logs into your application, they will be prompted for their username and password, as well as an authentication code from their device.We’ve built multi-factor authentication (MFA) directly into Stormpath, so it’s easy to add it to your application. Stormpath enables you to quickly and easily add MFA to your security strategy. We currently support: SMS or a multi-factor app like Google Authenticator.

Two Factor Auth via SMS Passcode

An SMS passcode enhances security for any user, no matter what phone they use or where they are. Stormpath helps you add extra security without compromising user experience or creating extra work for your dev team. Stormpath sends the text messages with a time-based one time password (TOTP), and validates the code to help you deliver a seamless login path.

Easy Multi-Factor with Google Authenticator

Stormpath also natively supports industry-standard authenticator apps like Google Authenticator and Authy using TOTP, giving your users security and reliability they already trust. Simply show the user the Stormpath generated QR code and they can instantly pair their device.

Learn more in our Multi-factor Authentication Docs