What is Adaptive Authentication?

Adaptive authentication and authorization improve cybersecurity

What does Adaptive Authentication do?

What is adaptive authentication?

Standard authentication methods, including Multi-Factor Authentication (MFA), ask users for specific credentials whenever they try to log in or access corporate resources. Adaptive Authentication asks for different credentials, depending upon the situation—tightening security when the risk of breach is higher.

When users always log in with standard credentials, such as a username and password, it makes them vulnerable to cyberattack. Authentication tools like MFA provide better security by requiring additional credentials, such as a code generated from a smartphone app. More factors help, but it’s still too easy for cybercriminals to acquire or hack the user’s various credentials and then use them to gain access. Adaptive authentication intelligently changes the requirements, making it much harder for a hacker to gain access to the enterprise because some of the signals that are used are difficult for an attacker to circumvent.

How does adaptive authentication work?

When you implement risk-based authentication in your organization, you determine the baseline login requirements for a given user or set of users. You might have stricter requirements for users in certain locales or users in roles that permit them access to sensitive information.

Adaptive authentication works by creating a profile for each user, which includes information such as the user’s geographical location, registered devices, role, and more. Each time someone tries to authenticate, the request is evaluated and assigned a risk score. Depending on the risk score, the user may be required to provide additional credentials or, conversely, allowed to use fewer credentials.

For example, if a user tries to access applications via an unregistered device, they may be prompted to register it. If the user logs in from a geographical location other than their office, they may have to answer a security question.

IT determines the response to requests with different risk scores. In any given scenario, the user may be allowed to authenticate, may be prevented from accessing, or may even be challenged to prove his or her identity.

Adaptive authentication and machine learning

Most risk-based authentication solutions use machine learning. The algorithms in these tools monitor and learn user behavior over time to build a more accurate profile. They may track devices, typical user login times, or usual work locations. They check IP addresses and network reputations, in addition to threat data for those networks.

Adaptive authentication solutions assign a risk score based on behavior and context, and they respond to the perceived risk based on the rules established by IT. These rules may vary by risk score, user role, location, device, and more. Using artificial intelligence (AI), advanced authentication is evolving to monitor in real time and to identify anomalies in the user’s authentication patterns or even threats in the authentication path (such as compromised networks).

Benefits of adaptive authentication

As well as adding security, adaptive authentication reduces the friction for users trying to get their work done. Standard MFA defines login requirements that may be onerous—requiring the user to always enter a name, password, and a code from an app, or requiring users to answer a security question when authenticating outside the office.

Adaptive authentication can request less information from users who are recognized and behaving in expected ways. It only queries users for more information occasionally, when circumstances suggest a greater security risk. This means fewer interruptions for users, lower barriers of entry, and greater security.

Thanks for signing up.

We’ve sent a verification email to

To complete your trial sign up, please check your email and follow instructions to verify. You may need to check your spam. You will be prompted to set up a password and log in. Please note that your user name is your email address.

Get Started in 3 Easy Steps:

Try OneLogin Free for 30 days

All fields are required

  • This field is required.
  • Please enter your first name
  • Please enter your last name
  • Please enter your job title
  • Please enter your phone number
  • Note: Please enter a work email address only as we DO NOT accept web-mail addresses (gmail, yahoo, hotmail, etc.)

    Is that a correct business email address?
  • Please enter company name
  • .onelogin.com
    Please choose another subdomain
  • Please enter number of employees
  • Please enter country
  • Please enter state
  • By completing and submitting this form, I agree to the storing and processing of my personal data by OneLogin as described in our Terms of Service and Privacy Policy.

  • Invalid reCaptcha
  • By creating your account, you agree to the Terms of Service and Privacy Policy.

Related Resources:

OneLogin SmartFactor Authentication™

OneLogin’s SmartFactor Authentication identifies high-risk attempts at access and takes action.

Learn More

Top Three Questions

Get answers to your top three questions about adaptive authentication and how it works in OneLogin.

Read More

Gartner Assessment

See where OneLogin lands in Gartner’s Magic Quadrant for Access Management.

Read More