SmartFactor Authentication

Prevent Threats with Context-Aware
Adaptive Authentication

Free Trial

Detect and respond to
high risk logins

SmartFactor Authentication™ uses risk insights from Vigilance AI™ to dynamically adjust authentication requirements in real-time.

Login attempts with elevated risk scores are prompted for multi-factor authentication, denied access to particularly sensitive applications, or denied access to the portal entirely. As part of the OneLogin Trusted Experience Platform™, SmartFactor Authentication works with OneLogin Protect and third-party authentication providers.

Dive in to learn more

Read our product datasheet for more information about OneLogin SmartFactor Authentication


How SmartFactor Authentication works

OneLogin’s SmartFactor Authentication uses machine learning to analyze a broad range of inputs, calculate risk scores, and determine the most appropriate security action to take for each login attempt.

How SmartFactor Authentication works How SmartFactor Authentication works

Machine learning rules!

Static rules don’t provide the optimal balance between usability and security. For example, being on the corporate Wi-Fi doesn’t necessarily mean that a user login is safe. Conversely, a remote worker at their home office can be perfectly trusted based on past behavior.

OneLogin’s machine learning tracks user behavior over locations and devices and builds a behavior profile for context-aware authentication decisions can be risk scored in real time and used to trigger multi-factor authentication.

Security and usability

With password breaches on the rise, multi-factor authentication has become the norm to secure access to data. But you need logins to stay frictionless. OneLogin lets you define the authentication flow so you can balance security and usability.

  • Enable authentication without passwords for users on a trusted device
  • Check the user’s ID and device first and then, based on the risk score, prompt for an additional factor only if needed
  • OneLogin Protect also helps remove friction by letting users simply respond to an MFA push notification on their mobile device.

Sign up to preview adaptive flows

SMS Authentication

For users without smartphones, one-time passwords sent over SMS can provide an additional authentication factor. It can be used as an additional layer of security for self-service password reset: instead of contacting the corporate helpdesk, users can use a one-time password sent to their phone to authenticate identity and reset their password via OneLogin's web interface.

Security Questions

As a non-technical alternative to SMS and email, security questions can be used as an additional authentication factor for sign-in and password reset. OneLogin comes with dozens of standard questions that are available in all 20+ languages supported.

Plays nicely with others

Already using a two-factor authentication provider? OneLogin SmartFactor Authentication integrates with a number of third-party authentication providers:

Compromised Credential Check

Protect against hackers using stolen credentials. When users attempt to create or change passwords, OneLogin checks their new password against a database of compromised credentials that have been stolen in large-scale attacks to prevent the use of stolen passwords.

Policy-Driven Access Denial

Sometimes it’s not about limiting access but denying it. OneLogin lets you create user or app policies that deny access under certain circumstances. For example, you might want to deny access to sensitive financial applications by default. Or deny access when a risky login attempt comes from a specific country known for cyberespionage.

Sign up for early preview

Secure all your apps, users, and devices