Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support

Thanks for your enquiry. Our team will soon reach out to you.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Search Results:


Multi-Factor Authentication

(MFA) Methods

Multi-Factor authentication (MFA) solution adds an extra layer of protection to your applications by challenging users to a second factor such as OTP over SMS, TOTP tokens, OTP over Email, hardware tokens etc.

Check out MFA methods supported by miniOrange.

Try Cloud Try On-Premise Request a Demo
MFA Methods flow diagram

Multi-Factor Authentication (MFA) methods supported by miniOrange

MFA Methods SMS and Phone verification

SMS and Phone Callback

Receive a text on your mobile with the information required to validate yourself for the second factor.

Multi-Factor Authentication Google and microsoft Authenticator method

Multi-Factor Authenticator Apps

Receive a Time based OTP Token (TOTP) by an external authentication app such as Google/Microsoft authenticator for secure login.

Multi-Factor Authentication Methods miniOrange Authenticator

miniOrange Authenticator

Use the miniOrange authenticator to get your login information in the form of a soft token , push notification or a QR code .

Multi-Factor Authentication Email Verification Methods


Get your login information such as login links and password keys on your registered email address.

MFA Methods Hardware Token verification

Hardware Token

Use a physical USB token into your computer, which generated the required information to gain access.

Multi-Factor Authentication Security Questions method

Security Questions

Answer a few knowledge based security questions which are only known to you to authenticate yourself.

SMS and Phone Callback


Receive an SMS on your registered mobile number containing a 6-8 numeric key. You can enter this key when challenged for the second factor to authenticate yourself and gain access to your resources.

SMS Link

An sms with a link is sent to your registered mobile number, on which you need to click to accept/deny. Upon clicking on Accept, you will be authenticated successfully for the second factor challenge.

OTP Over Phone Call

In this MFA method, you receive a voice call stating a 4-8 digit numeric key. Use this key to complete the challenge for the second factor of authenticator.

MFA Methods SMS and phone verification flow

Multi-Factor Authentication flow for authenticator applications

Authenticator Apps

Google Authenticator

To use this MFA method, you'll need the Google Authenticator app. Once you've scanned the QR code, the app will generate a 6-digit code that you can use to complete the MFA challenge.

Microsoft Authenticator

Like Google Authenticator, Microsoft Authenticator needs a 6-digit code generated by the app to access your resources. A QR code can be scanned from the app to link your account and generate your OTP.

Authy Authenticator

Enter a 6 digit time based passcode generated by the Authy Authenticator app to gain access to your resources, similar to the google and microsoft authenticator methods.

miniOrange Authenticator

Soft Token

For the soft token Multi-Factor Authentication method, enter a 6-8 digit time-based numeric key from your miniOrange Authenticator App to secure access to your applications.

Push Notification

When the push notification method is enabled as MFA, you receive a push notification on the MFA-Authenticator App by miniOrange which you need to ACCEPT | DENY. Upon clicking on ACCEPT you can complete the second-factor challenge successfully.

QR Code Authentication

For the QR code method, you need to scan the barcode from your mobile using the miniOrange Authenticator app. This will automatically link your account and authenticate you for the MFA challenge.

MFA Methods miniOrange Authenticator flow

Email verification flow for MFA

Email Method

OTP Over Email

Receive an email containing a 6-8 digit numeric key. Enter this key when prompted to authenticate yourself and securely log into your applications.

Email Link

Using the Email link MFA method, you receive an email with a link which you need to click to accept or deny the transaction. Upon clicking on ACCEPT, you will be successfully authenticated for the second factor.

OTP Over SMS and Email

Receive an SMS and an email containing a numeric key. Enter this key when challenged for Multi-Factor Authentication (MFA) method, to securely login into your applications.

Hardware Token

Yubikey Token

A physical USB token (eg. FIDOKB, Yubico) is used for this method, which is inserted into your computer. This token generates an alphabetic key. You can use this generated key to log into your applications.

Display Token

Similar to Yubikey, a physical token (eg. OTP c200, OTP c100) is used for this method. The Display token generates a hash-based OTP based on a pre-coded algorithm. You can enter this generated OTP to authenticate yourself.

Order Tokens from miniOrange

miniOrange supports third-party hardware tokens such as Biopass FIDO 2, FIDO2 HOTP, OTP c100, c200, FIDO KB, etc. as Multi-Factor Authentication. You can order these tokens directly from us by reaching out to idpsupport@xecurify.com.

Hardware Token MFA Method flow

Security Questions method flow for Multi-Factor Authentication

Security Questions

For this Multi-Factor Authenticayion method, you are prompted to answer a few knowledge-based security questions which are only known to you.

These questions range from your pet's name, the city you were born, your date of birth and so on. You can answer these questions to gain access to your applications and secure your resources from unauthorized login.


WebAuthn is the official web standard for authentication allowing Web browsers to perform verification by using public-key cryptography with support from a broad set of application browsers (Microsoft Edge, Chrome, Firefox, Mobile).

WebAuthn is a browser-based API that allows web applications to use built-in authentication methods (laptop password or pin, mobile, Windows Hello, Biometrics (FaceID/fingerprint), and Hardware Tokens) to simplify and secure user authentication.

Hardware Token MFA Method flow

Frequently Asked Questions

How does MFA work?

When a user tries to access a resource, they encounter various authentication factors in addition to the conventional username and password. The user's credentials are validated by a central Identity Provider (IdP) or directory services platform. Access to the resource is granted if the user's login credentials and second authentication method are successfully authenticated.
Multi-Factor Authentication systems produce a distinct one-time passcode (OTP) for each login attempt. miniOrange offers a more up-to-date and secure version of MFA known as "push notification." This is delivered to your registered smartphone, and you must approve it to access your account. To access critical services, you can also use a hardware token (like a Yubikey) or a soft token.

What are the Multi-Factor Authentication Factors?

Typically, three authentication factors are commonly acknowledged:
1. Knowledge: Something you can remember, type, say, do, execute, etc. (e.g. Passwords, PIN codes, security questions, etc.)
2. Possesion: Includes some physical object that you posses. (e.g. Smart cards, mobile phones, physical tokens, key fobs, etc.)
3. Inherence: Includes any unique body part that can be provided for authentication. (e.g. Retinal test, voice or facial recognition, etc. biometrics)

More FAQs

Want To Schedule A Demo?

Request a Demo

Our Other Identity & Access Management Products