Read our product datasheet for more information about OneLogin SmartFactor AuthenticationVIEW NOW
OneLogin’s SmartFactor Authentication uses machine learning to analyze a broad range of inputs, calculate risk scores, and determine the most appropriate security action to take for each login attempt.
Static rules don’t provide the optimal balance between usability and security. For example, being on the corporate Wi-Fi doesn’t necessarily mean that a user login is safe. Conversely, a remote worker at their home office can be perfectly trusted based on past behavior.
OneLogin’s machine learning tracks user behavior over locations and devices and builds a behavior profile for context-aware authentication decisions can be risk scored in real time and used to trigger multi-factor authentication.
For users without smartphones, one-time passwords sent over SMS can provide an additional authentication factor. It can be used as an additional layer of security for self-service password reset: instead of contacting the corporate helpdesk, users can use a one-time password sent to their phone to authenticate identity and reset their password via OneLogin's web interface.
As a non-technical alternative to SMS and email, security questions can be used as an additional authentication factor for sign-in and password reset. OneLogin comes with dozens of standard questions that are available in all 20+ languages supported.
Already using a two-factor authentication provider? OneLogin SmartFactor Authentication integrates with a number of third-party authentication providers:
Protect against hackers using stolen credentials. When users attempt to create or change passwords, OneLogin checks their new password against a database of compromised credentials that have been stolen in large-scale attacks to prevent the use of stolen passwords.
Sometimes it’s not about limiting access but denying it. OneLogin lets you create user or app policies that deny access under certain circumstances. For example, you might want to deny access to sensitive financial applications by default. Or deny access when a risky login attempt comes from a specific country known for cyberespionage.
Sign up for early preview