Multi-Factor Authentication (MFA) is used as an additional level of security, ensuring your both know something (e.g. your password) and have something (typically a smartphone nowadays) when logging into a resource.
Using MFA provides additional protection to organisations, stopping an attacker from being able to access sensitive company data with a sniffed password.
You will usually require MFA when logging into the JumpCloud user console,
JumpCloud MFA Types
JumpCloud supports various MFA methods, but the two most popular are:
- TOTP (time-based changing 6-digit code)
- Push MFA (an alert is sent to your phone asking approval)
TOTP MFA
TOTP is the most commonly used method of MFA and relies on the server and client to share a secret, then calculate a 6-digit code based on the current time. The biggest advantage of TOTP is that it is very accessible, but also it does not rely on any comminication between the server and MFA device. There are lots of TOTP compatible smartphone apps for both Android and iPhone including:
- Microsoft Authenticator
- Google Authenticator
- Authy
- JumpCloud Protect
- JumpCloud Password Manager (if you company subsribes to this service)
If you don't have a strong preference for any of the above apps, we would generally recommend using either JumpCloud Password Manager or JumpCloud Protect; however you can use whichever you prefer.
Push MFA
Push MFA is a more recent development in the world of security. Instead of typing in a 6 digit code, an alert is sent to your smartphone asking you to approve the login.
The main advantage of Push MFA is most people find it slightly more convenient to use. There are two main disadvantgaes, which are listed below:
- The is no industry standard for Push MFA, so it usually requires a spcific app for each back-end system (e.g. JumpCloud Protect for JumpCloud, Microsoft Authenticator for Microsoft 365, etc.) - e.g. additional apps are needed on your smartphone
- Push MFA relies on a completed connection before the authentication is completed. This usually happens very quickly, but it can sometimes be delayed
Conclusion
If you want the least impact on your smartphone and already have a preferred TOTP authenticator app, the best choice would be to continue using that app an stick with just TOTP.
If you have access to JumpCloud Password Manager (JCPWM), we would generally recommend using this for TOTP authentication. The big advantage with JCPWM is that you can synchronise your passwords and TOTP entries securely across multiple devices.
We would also generally recommend BOTH TOTP and Push MFA, and the latter requires JumpCloud Protect.
Lastly, while JumpCloud synchronises your password to Microsoft 365, the MFA access is separate. MFA access for Microsoft is covered in a separate KB article.