Strong authentication

with WSO2 Identity Server

Authentication takes many forms and has evolved from usernames and passwords, single factor to multi-factor, or risk-based authentication prompts. It is a vital part of any customer identity and access management system to provide secure access to applications and often a battle between balancing usability and security.

Try WSO2 Identity Server
Strong authentication

What is strong authentication?

Strong authentication helps to prove or confirm one’s identity so the right user has access to the resource in question. Username and passwords were the stepping stone in providing access or authenticating a user, but with phishing attacks and data breaches, authentication needed to be complex to secure the user as well as the resource. Therefore authentication needs to be more robust and provide additional factors to increase security. These factors can be a knowledge factor, ownership factor, or an inherence factor. Examples would include a password, pin (knowledge factor), phone or security token (ownership factor) or biometrics (inherence). Strong authentication could take the form of Multi-factor authentication or Adaptive authentication.

What is multi-factor authentication

  • Multi-factor authentication is the combined usage of authentication factors(knowledge, ownership, inherence) to authenticate a user. The factors can come in the form of SMS or email as a one-time password (OTP), a FIDO device, MePIN or any other authenticator as an extra step to strengthen regular username and password access. It is meant to make the authentication process more secure by adding extra factors.

How to implement strong authentication

WSO2 Identity Server has basic authentication (username and password-based) enabled by default and allows setting up additional steps of authentication on top of it to further strengthen security for an application. WSO2 IS comprehensively supports MFA with authenticators such as Email OTP, SMS OTP, FIDO etc.

Why use Strong Authentication with WSO2 Identity Server

customer authenticators

Easily extensible to support new and customer authenticators

Dedicated 24/7 support

Dedicated 24/7 support


Supports various authenticators such as FIDO2 in our identity ecosystem


Easy setup for passwordless authentication within minutes

Readymade script

Readymade script templates to provide easy adaptive authentication

Improved user experience balancing

Improved user experience balancing usability and security