AuthPoint Users Bypass MFA for the Logon App

Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security

When an AuthPoint user logs in to a computer with the Logon app installed, the user is not prompted for MFA. In these cases, the most common causes are issues with the authentication policies.

Symptoms

  • User can log in to computers with the Logon app installed without MFA
  • Issue occurs on Windows and Mac computers

Diagnostic Steps

  1. Review your Zero Trust policies and make sure the Logon app resource is included and MFA is required.
  2. Make sure the user belongs to the correct groups.
  3. Make sure the user name that you log in with is an exact match for the user name in AuthPoint.
  4. Review the settings you have configured in the Access for Non-AuthPoint Users section of the Logon app.

Possible Causes and Solutions

Possible Cause: The user authentication matches a policy that only requires password authentication.
Solution: Update the Zero Trust policy to require MFA or add a new policy that requires MFA with a higher priority.

Possible Cause: The wrong policy applies to the user authentication.
Solution: Make sure the user belongs to the correct user groups and that MFA is required by the highest priority Zero Trust policy that applies to the user and includes the Logon app resource.

Possible Cause: The access for non-AuthPoint users configuration is applied.
Solution: Edit your Logon app resource and review the settings you have configured in the Access for Non-AuthPoint Users section. Make sure the user is not allowed to bypass MFA.
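The three causes above can be checked on paper with a small model of the evaluation. The following is an added example, not WatchGuard code and not an AuthPoint API: the Policy and Config classes, the outcome names, and the sample users and policies are hypothetical and constructed for illustration. It assumes policies are listed highest priority first and that a login name without an exact AuthPoint match is handled by the non-AuthPoint user settings.

```python
from dataclasses import dataclass

@dataclass
class Policy:
    name: str
    groups: set        # groups the policy applies to
    resources: set     # resources the policy includes
    require_mfa: bool  # False means password only

@dataclass
class Config:
    users: dict        # AuthPoint user name -> set of group names
    policies: list     # ordered, highest priority first (assumption)
    non_authpoint_bypass: bool  # non-AuthPoint users may log in without MFA

def diagnose(cfg, login_name, resource="Logon app"):
    """Return (outcome, reason) for one login; outcome names the cause."""
    groups = cfg.users.get(login_name)  # exact match only
    if groups is None:
        near = [u for u in cfg.users if u.casefold() == login_name.strip().casefold()]
        hint = f", near match for AuthPoint user {near[0]!r}" if near else ""
        outcome = "NON_AUTHPOINT_BYPASS" if cfg.non_authpoint_bypass else "NON_AUTHPOINT_NO_BYPASS"
        return outcome, f"{login_name!r} is not an exact AuthPoint user name{hint}"
    for p in cfg.policies:  # first policy that covers user and resource wins
        if resource in p.resources and groups & p.groups:
            outcome = "MFA" if p.require_mfa else "PASSWORD_ONLY"
            return outcome, f"highest priority applicable policy is {p.name!r}"
    return "NO_MATCHING_POLICY", f"no policy includes {resource!r} for groups {sorted(groups)}"

# Constructed sample configuration (not an AuthPoint export).
SAMPLE = Config(
    users={"alice": {"Staff"}, "bob": {"Staff", "IT Admins"}},
    policies=[
        Policy("IT password only", {"IT Admins"}, {"Logon app"}, False),
        Policy("Staff MFA", {"Staff"}, {"Logon app", "VPN"}, True),
    ],
    non_authpoint_bypass=True,
)

if __name__ == "__main__":
    for name in ("alice", "bob", "Alice", "carol"):
        print(name, *diagnose(SAMPLE, name), sep=" | ")
```

In the sample, bob skips MFA because a password-only policy for one of his groups sits above the MFA policy, and the login name Alice skips MFA because it is not an exact match for the AuthPoint user alice.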

Related Log Messages

The audit logs for this issue might show successful authentications with password only.
