The post-password era
begins now


PingID: Multi-factor Authentication Solution

swipe = work

When you look at the headlines today, it's obvious that a username and password are not enough to protect access to applications. PingID™ multi-factor authentication (MFA), part of our enterprise IDaaS platform, is a strong authentication solution that enables users to authenticate to applications using multiple factors. It provides the perfect balance of user experience and security. With PingID MFA, you get:

  • Strong authentication to legacy and cloud applications using a mobile app.
  • Out-of-the-box integration with the PingOne® cloud and PingFederate® server.
  • Co-branding support for a consistent and familiar user experience.
  • MFA for privileged users with VPN, RDP, and SSH support.
  • Ability for users to authenticate with the Apple Watch.
  • Biometrics support on select Apple and Samsung devices.
  • Offline support using one-time passcodes (OTPs).
  • OTPs delivered via voice call, SMS, email or a desktop app for Windows or Mac.
  • Hard token support with YubiKey and many third-party solutions.

One auth service for all of your apps

Strong authentication systems are not new, but the way that they have been deployed has changed. Many of the existing solutions require expensive hardware tokens that need to be issued, shipped, revoked and maintained. These solutions are complex, hard to administer, and costly. There’s a better way. With PingID MFA, users simply install an app on their phone and self-register that device with the PingID service. One app that's easy to set up and use gives your users strong authentication for all of the apps they need to get work done—no matter where they are.

Online, offline or YubiKey

PingID MFA supports a wide variety of devices, applications and methods for authenticating including:

  • Mobile Application - Push notifications are sent to a registered Apple or Android device, and users swipe or use a fingerprint to authenticate. OTPs are available in the app for offline authentication.
  • Yubikey - Plug a Yubikey USB hard token in and touch a button to authenticate.
  • Voice - OTPs are delivered via a voice call to registered number.
  • SMS - OTPs are delivered via SMS to any registered device.
  • Email - OTPs are delivered to a registered email address.
  • Desktop Application - OTPs are delivered to a registered Windows or Mac computer.

Group, device, and location policies

MFA: Best Practices for Securing the Modern Digital Enterprise

MFA: Best Practices for
Securing the Modern
Digital Enterprise

With PingID MFA, you can easily control when your users need to authenticate with a second factor. You can configure your policies based upon the following:

  • Group - Require MFA for members of a specific group.

  • Application - Require MFA for specific applications.

  • Geofence - Require MFA if the user is outside a pre-set geofence.

  • Rooted or Jailbroken device - Require MFA if the user’s device is rooted or jailbroken.

  • Network IP - Require MFA if the device isn’t in a specific IP range.


PingID MFA delivers the granular security that your policies require with the ease of use your users want.


Secure your VPN

Your users want to work from anywhere, but you need to make sure that they are securely accessing your network. PingID MFA can be used as a second factor of authentication for your VPN or any remote access clients that support the RADIUS protocol. When a user signs on to the VPN service, PingID MFA will send a notification to the users' device as a second factor of authentication. PingID MFA is easy to add to existing VPN solutions from Cisco, Juniper, Checkpoint, Fortinet, Citrix, SonicWall, F5, Palo Alto Networks, Microsoft UAG and others.

No need to rip and replace

Our flexible, secure multi-factor authentication solution easily integrates with dozens of third-party, two-factor authentication and strong authentication providers. You can connect to systems like RSA SecureID, Symantec VIP, Safenet, Google Authenticator and many more. You get the security you need without the added expense of replacement software or custom development. Visit our software downloads to see our integrations.

How it works

PingID MFA is an application that is installed on a user’s Android or iOS device and communicates with a cloud API. When policy requires strong authentication, users are asked to simply swipe their mobile device to sign on or authenticate.