Configure Multi-Factor Authentication Rules
In access control, multi-factor authentication is an authentication method in which the door will unlock only after multiple persons present authenticating multiple credentials in turn. This method is mainly used for locations with high security requirements, such as bank vault. With the mutual supervision of the persons, multi-factor authentication provides higher security for the assets in these locations.
This function should be supported by the device.
- Enter Logical View on the Home page to enter the Area Management page.
- In the area list, select the current site from the drop-down site list to show its areas and select one area.
- Select the Doors tab to show the added doors in this area.
- Click Name column to enter the Edit Door page.
-
In the Application, set the
Multi-Factor Authentication switch to on to enable
this function.
Figure 1. Set Multi-Factor Authentication
-
Set the access mode of the door.
- Unlock After Access Granted
-
The door will be unlocked automatically after the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted.
- Remotely Unlock After Granted
-
After the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted, a window will pop up on the Control Client. The operator of the Control Client should confirm to unlock the door remotely and then the door will be unlocked successfully.
- Enter Super Password After Granted
-
After the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted, they should enter the super password on the card reader. After that, the door will be unlocked successfully.
-
Set the access schedule to define in which time period, the persons are
authorized to access the door.
Note:
The default and customized access schedules are displayed in the drop-down list. You can click Add New to customize a new schedule. For details, refer to Set Access Schedule Template.
-
Set the card swiping interval and make sure the interval between two
authentications on the card reader is within this value.
When you set the interval as 5s, if the interval between two authentications is longer than 5s, the authentications will be invalid, and you should authenticate again from the beginning.
-
Click Add to set the access group(s) to define who have
the permission to access the door.
- Number of Persons for Authentications
-
Define how many persons should authenticate on the card reader.
For example, if you set 3 for access group Security Guard and 1 for access group Bank Manager, it means three security guards should swipe cards on the card reader (or other access mode), and one bank manager should swipe card on the card reader (or other access mode) for this multi-factor authentication.
Note:This value should be no larger than the number of persons in the access group.
- Card Swiping Order
-
Click ↑ or ↓ in the Operation column to set the authentication order of different access groups.
- Click Save.
- Legal Information
- Symbol Conventions
- About Web Client
- Login
- Download Mobile Client
- Web Control
- Manage License
- Manage Resource
- Create Password for Inactive Device(s)
- Edit Online Device's Network Information
- Manage Encoding Device
- Add Detected Online Device
- Add Encoding Device by IP Address or Domain Name
- Add Encoding Devices by IP Segment
- Add Encoding Devices by Port Segment
- Add Encoding Device by Hik-Connect DDNS
- Add Encoding Device by Device ID
- Add Encoding Devices by Device ID Segment
- Add Encoding Devices in a Batch
- Limit Bandwidth for Video Downloading
- Set N+1 Hot Spare for NVR
- Network Transmission Device Management
- Upgrade Device Firmware
- Restore/Reset Device Password
- Manage Remote Site
- Manage Application Data Server
- Manage Recording Server
- Manage Streaming Server
- Manage DeepinMind Server
- Add Security Audit Server
- Manage Smart Wall
- Manage Area
- Add Area
- Add Element to Area
- Edit Element in Area
- Edit Camera for Current Site
- Configure Visual Tracking
- Configure Smart Linkage
- Edit Door for Current Site
- Edit Elevator for Current Site
- Edit Radar for Current Site
- Edit Alarm Input for Current Site
- Edit Alarm Output for Current Site
- Edit Under Vehicle Surveillance System for Current Site
- Edit Third-Party Integrated Resource for Current Site
- Edit Element for Remote Site
- Remove Element from Area
- Manage Resource Group
- Configure Recording
- Configure Event and Alarm
- Manage Map
- Manage Person List
- Manage Visitor
- Manage Access Control and Elevator Control
- Flow Chart
- Manage Access Control Device
- Manage Elevator Control Device
- Manage Access Level
- Access Control Test
- Advanced Functions
- Manage Video Intercom
- Flow Chart
- Manage Video Intercom Device
- Batch Link Persons with Indoor Station
- Relate Doorbell with Indoor Station
- Configure Device Parameters
- Manage Time and Attendance
- Flow Chart
- Add Attendance Group
- Add Timetable
- Add Shift Schedule
- Assign Shift Schedule to Attendance Group
- Configure Attendance Parameters
- Manage Attendance Record
- Search Attendance Record
- Correct Attendance Record for Single Person
- Correct Check-In/Out for Multiple Persons
- Apply for Leave for Single Person
- Apply for Leave for Multiple Persons
- Manually Calculate Attendance Results
- Export Attendance Records
- Get Attendance Records from Device
- View Attendance Handling Records
- Configure Attendance Report
- Manage Entrance and Exit
- Manage Facial Comparison
- Dock Station
- Manage Security Control
- Manage Security Control Device
- Add Detected Online Device
- Add Security Control Device by IP Address
- Add Security Control Device by Hik-Connect DDNS
- Add Security Control Devices by IP Segment
- Add Security Control Devices by Port Segment
- Add Security Control Device by Device ID
- Add Security Control Device by Device ID Segment
- Add Security Control Devices in a Batch
- Add Security Control Partitions from Device
- Configure Defense Schedule Template
- Manage Security Control Device
- Manage Role and User
- Maintenance
- Manage System Security
- System Configuration
- Set Site Name
- Set User Preference
- Set Warning Threshold for Server Usage
- Set Printer
- Set NTP
- Set Active Directory
- Enable Receiving Generic Event
- Allow for Remote Site Registration
- Register to Central System
- Device Access Protocol
- Set WAN Access
- Set Network Timeout
- Set Device Access Mode
- Set IP Address for Receiving Device Information
- Set Data Retention Period
- Set Holiday
- Set Email Template
- Send Report Regularly
- Enable Evidence Collection
- Set Transfer Protocol
- Set Camera ID
- Export Service Component Certificate
- Set Database Password
- Set Health Check Frequency
- Add Fuzzy Matching Rules for License Plate Search
- Configure System Hot Spare
- Set Third-Party Integration
- Data Interchange
- Reset Device Network Information
- Set SUP Upgrade Prompt
- Monitoring
- Intelligent Analysis Report
- Skin-surface Temperature
- Important Ports
Configure Multi-Factor Authentication Rules
In access control, multi-factor authentication is an authentication method in which the door will unlock only after multiple persons present authenticating multiple credentials in turn. This method is mainly used for locations with high security requirements, such as bank vault. With the mutual supervision of the persons, multi-factor authentication provides higher security for the assets in these locations.
This function should be supported by the device.
- Enter Logical View on the Home page to enter the Area Management page.
- In the area list, select the current site from the drop-down site list to show its areas and select one area.
- Select the Doors tab to show the added doors in this area.
- Click Name column to enter the Edit Door page.
-
In the Application, set the
Multi-Factor Authentication switch to on to enable
this function.
Figure 1. Set Multi-Factor Authentication
-
Set the access mode of the door.
- Unlock After Access Granted
-
The door will be unlocked automatically after the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted.
- Remotely Unlock After Granted
-
After the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted, a window will pop up on the Control Client. The operator of the Control Client should confirm to unlock the door remotely and then the door will be unlocked successfully.
- Enter Super Password After Granted
-
After the persons swiping their cards (or other type of credentials) on the card readers of the door and the access is granted, they should enter the super password on the card reader. After that, the door will be unlocked successfully.
-
Set the access schedule to define in which time period, the persons are
authorized to access the door.
Note:
The default and customized access schedules are displayed in the drop-down list. You can click Add New to customize a new schedule. For details, refer to Set Access Schedule Template.
-
Set the card swiping interval and make sure the interval between two
authentications on the card reader is within this value.
When you set the interval as 5s, if the interval between two authentications is longer than 5s, the authentications will be invalid, and you should authenticate again from the beginning.
-
Click Add to set the access group(s) to define who have
the permission to access the door.
- Number of Persons for Authentications
-
Define how many persons should authenticate on the card reader.
For example, if you set 3 for access group Security Guard and 1 for access group Bank Manager, it means three security guards should swipe cards on the card reader (or other access mode), and one bank manager should swipe card on the card reader (or other access mode) for this multi-factor authentication.
Note:This value should be no larger than the number of persons in the access group.
- Card Swiping Order
-
Click ↑ or ↓ in the Operation column to set the authentication order of different access groups.
- Click Save.