Step-Up authentication is when the requirement for MFA is triggered due to certain conditions being met. Things like device type, location, IP address, time since last login, application being accessed, etc. Different platforms may use different names in reference to this type of policy.
Some of the terms you may see in reference to configuring Step-Up MFA are conditional access, risk factor, sign-in risk, MFA policy, second factor, etc.
No matter what the name is, remember the overall concept is generally the same, no matter if you’re using Azure AD, Ping, Okta, Auth0, AWS, GCP, RSA, or any of the various other identity providers available.
Step-Up authentication is a great way to add an additional layer of security that is only triggered as needed.
Leave a Reply