Skip to main content
man wearing earbuds looking down at phone screen and laptop screen

Go Passwordless

Passwordless MFA options eliminate the use of passwords as one of the factors during login. Entrust offers unique MFA authenticators such as high assurance PKI-based mobile smart credential login, FIDO2 keys and passkeys (FIDO2 multi-device credentials), as well as the use of secure mobile push with optional mutual authentication, mobile OTP, and more to allow flexible MFA configuration based on individual use cases.

What is Multi-Factor Authentication?

MFA is an authentication mechanism that requires more than one distinct authentication factor for successful authentication. The 3 most common factors are knowledge (something you know), possession (something you have), and inherence (something you are). Multi-factor authentication can be performed using a multi-factor authenticator or by a combination of authenticators that provide different factors.

lightbulb on icon

Something you know (PIN, password, passphrase)

mobile lock icon

Something you have (USB key, mobile device, grid card)

passwordless icon

Something you are (Touch ID or Face ID)

How Does Adaptive Multi-Factor Authentication Work?

When a user attempts to log in to a resource, they are required to authenticate with a primary authenticator, which can be a single factor or multi-factor authenticator. Entrust IAM evaluates contextual information such as geo-location, behavioral biometrics, velocity, etc., to determine if a second factor or step-up authentication is required. If the risk level based on the user request, contextual information, and resource being accessed is low then the user is authenticated and granted access. If risk level is high, then the user can either be denied or required to use a second authenticator to verify their identity before access can be granted.

multi-factor authentication steps on mobile phone

hands holding phone and tapping to accept or deny call on screen

Phishing-Resistant MFA

Not all MFA authenticators offer the same level of protection from cyberattacks such as SIM swap, MFA prompt bombing, and adversary-in-the-middle (AiTM). Passwordless MFA authenticators such as high assurance PKI-based mobile smart credentials, FIDO2 keys, and passkeys offer phishing-resistant MFA options for greater security.

Entrust Identity Multi-Factor Authentication Empowers You to Do More

mobile logo

Transform your users' mobile devices into trusted digital identities to ensure secure, seamless interactions with networks, apps, and other resources.

fingerprint white icon
Broad Suite of Authenticators

From something you know, to something you have, to something you are, we have an unparalleled variety of authenticators for you to choose from based on your use case.

Bluetooth icon white
High Assurance PKI-based Credentials

Ensure high-level security without friction, with public key infrastructure (PKI) mobile smart credential based passwordless access that utilizes Bluetooth® proximity detection in the authentication process.


Best-in-Class MFA

Entrust Identity is the unrivaled identity and access management (IAM) platform that keeps your business ahead of ever-changing security threats and supports an unparalleled number of MFA authenticators and use cases workforce, consumer, and citizen.

multi-factor authentication (MFA)

MFA Grid Card Authentication

Entrust MFA Grid Card Authentication

For users that are unable to use mobile devices in certain environments and user groups such as frontline/field and call center employees, Entrust offers an easy-to-use and cost-effective MFA solution with grid card authentication.

  • Unique to every user
  • Low support overhead
  • Proven in mass-market deployments
Learn More
risk-based adaptive authentication

Risk-Based Adaptive Step-Up Authentication

Use configurable policies within the Entrust Identity platform to include risk-based step-up authentication to evaluate risk of a user based on contextual data such as location, time of day, etc., to ensure you are not adding friction unnecessarily in your user experience, and to achieve a balance between security and user experience based on your specific use case.

Learn More

What the experts are saying...

SPARK Matrix logo
kuppingercole logo
forrester logo
frost and sullivan logo
Frost & Sullivan

Entrust Identity Tops the 2022 SPARK Matrix™

Quadrant Knowledge Solutions has placed Entrust in the top-right corner of their 2022 SPARK Matrix™ for user authentication. This extensive research study of 31 vendors rated criteria for technology excellence and customer impact and provides a visual representation of strategic performance of their performance. Find out why Entrust was placed in the top-right quadrant of the 2022 SPARK Matrix™, and where other vendors are placed in comparison.

KuppingerCole Overall Leader

KuppingerCole has selected Entrust as an Overall Leader for Enterprise Authentication, as well as a leader in Product, Innovation, and Market Vision. Some of the reasons cited include remote identity proofing and employee onboarding with biometrics and liveness detection, high assurance credential issuance, and an excellent admin interface. See why Entrust received perfect marks in security, usability, and deployment. We also won an award in 2019.

Forrester Opportunity Snap Shot

In March 2018, Entrust commissioned Forrester to conduct a study exploring approaches and challenges of user authentication and access management. The study surveyed 100 IT and IT security executives in North America who are responsible for authentication andidentity access strategy and technology and/or security at their organization.

Frost & Sullivan Technology Leadership Award

The company’s successful implementation of adaptive authentication procedures and appeal to the Zero Trust Security model impresses Frost & Sullivan’s analyst team and demonstrates its commitment to technological innovation in the identity industry.

Here's what customers are saying

Over 100 IT organizations were surveyed with TechValidate in spring 2022.

I am a fan of the Entrust product. I am an LRA and recognize the benefit.”

Tommy L'Écuyer, an IT Manager at Corrections Canada

Entrust has multiple solutions that can be used together or a la carte to complete an identity design. The knowledgeable engineers at Entrust are very helpful and responsive.”

Senior IT Architect at a state & local government

Entrust Identity's adaptive authentication policy engine rated 4 out of 5 stars.”

By 81 Different Organizations

The Numbers

said that MFA is a necessary capability for their IAM solution
use Entrust Certificate Services in addition to Entrust Identity 
want a passwordless + single sign-on user experience that is frictionless

Request a demo for all your identity needs

An Entrust Identity MFA platform specialist will be in touch with options soon.

Cover all your organization's identity access use cases for employees, partners, contractors, and customers from one platform. The adaptive multi-factor authentication (MFA) solution suite from Entrust gives you the flexibility to address different use cases for your user base. The Entrust IAM solution can be used as a cloud-based service or deployed on-premises or in hybrid mode.