What is Adaptive Authentication?

Adaptive Authentication and authorization improve cybersecurity

What does Adaptive Authentication do?

What is Adaptive Authentication?

Standard authentication methods, including Multi-Factor Authentication (MFA), ask users for specific credentials whenever they try to log in or access corporate resources. Adaptive Authentication asks for different credentials, depending upon the situation—tightening security when the risk of breach is higher.

When users always log in with standard credentials, such as a username and password, it makes them vulnerable to cyberattack. Authentication tools like MFA provide better security by requiring additional credentials, such as a code generated from a smartphone app. More factors help, but it’s still too easy for cybercriminals to acquire or hack the user’s various credentials and then use them to gain access. Adaptive Authentication intelligently changes the requirements, making it much harder for a hacker to gain access to the enterprise because some of the signals that are used are difficult for an attacker to circumvent.

How does Adaptive Authentication work?

When you implement Adaptive Authentication in your organization, you determine the baseline login requirements for a given user or set of users. You might have stricter requirements for users in certain locales or users in roles that permit them access to sensitive information.

Adaptive Authentication works by creating a profile for each user, which includes information such as the user’s geographical location, registered devices, role, and more. Each time someone tries to authenticate, the request is evaluated and assigned a risk score. Depending on the risk score, the user may be required to provide additional credentials or, conversely, allowed to use fewer credentials.

For example, if a user tries to access applications via an unregistered device, they may be prompted to register it. If the user logs in from a geographical location other than their office, they may have to answer a security question.

IT determines the response to requests with different risk scores. In any given scenario, the user may be allowed to authenticate, may be prevented from accessing, or may even be challenged to prove his or her identity.

Adaptive Authentication and machine learning

Most Adaptive Authentication solutions use machine learning. The algorithms in these tools monitor and learn user behavior over time to build a more accurate profile. They may track devices, typical user login times, or usual work locations. They check IP addresses and network reputations, in addition to threat data for those networks.

Adaptive Authentication solutions assign a risk score based on behavior and context, and they respond to the perceived risk based on the rules established by IT. These rules may vary by risk score, user role, location, device, and more. Using artificial intelligence (AI), advanced Adaptive Authentication is evolving to monitor in real time and to identify anomalies in the user’s authentication patterns or even threats in the authentication path (such as compromised networks).

Benefits of Adaptive Authentication

As well as adding security, Adaptive Authentication reduces the friction for users trying to get their work done. Standard MFA defines login requirements that may be onerous—requiring the user to always enter a name, password, and a code from an app, or requiring users to answer a security question when authenticating outside the office.

Adaptive Authentication can request less information from users who are recognized and behaving in expected ways. It only queries users for more information occasionally, when circumstances suggest a greater security risk. This means fewer interruptions for users, lower barriers of entry, and greater security.

Thank you! We have received your details. Our sales teams will reach out to you shortly.

We’re passing along your contact information to our experts.

Something went wrong, please try again.

See Demo of OneLogin

All Fields RequiredFields Required*

  • Please enter your first name
  • Please enter your last name
  • Please enter company name
  • Include all internal and external users

    Please enter number of employees
  • Note: Please enter a work email address only as we DO NOT accept web-mail addresses (gmail, yahoo, hotmail, etc.)

    Is that a correct business email address?
  • Please enter your phone number
  • I agree to OneLogin’s Privacy Policy

Related Resources:

OneLogin Adaptive Authentication

OneLogin’s Adaptive Authentication identifies high-risk attempts at access and takes action.

Learn More

Top Three Questions

Get answers to your top three questions about Adaptive Authentication and how it works in OneLogin.

Read More

Gartner Assessment

See where OneLogin lands in Gartner’s Magic Quadrant for Access Management.

Read More