SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
Occasional Contributor
Occasional Contributor

MFA access from day one



I have a question about best practice of MFA usage for newcomers, working from home from day one. Due to Covid we have new hires starting remotely day one.  This means that with MFA in place and no token requested or setup they would not have access. Issue is that we don't have information what mobile device user has to select so we can't request SW token for the user. What is the best pratices? How are other companies approaching this?


Thank you,



Labels (1)
1 Reply
Respected Contributor
Respected Contributor

If you have the on-premise authentication manager with software tokens setup then the best approach in this case to force the new users to request software tokens using the self-service console which allows the new users to select which mobile type they would like to have the token provisioned on, in this case you'll have the device type information which you can distribute software token based on the token profile that you have.


If your users are not using self-service console, then you can simply distribute software tokens using AMBA tool but you should take into consideration that an Enterprise license is required in this case, mobile type need to be requested from your users manually.


I suggest you to use Binding ID to restrict using the software token distributed for a specific use by another devices.