ADAPTIVE MFA for Privileged Access

Reinforce Secure Access to Critical Systems

Add an extra layer of security only when needed, and based on risk rating to reduce the threat associated with compromised credentials. Configure behavior-based access control for IT admins who access Windows and Linux servers, elevate privilege or leverage privileged credentials.

MFA for Servers, MFA for linux & windows by Centrify

Guard Against Attacks with Behavior-based Access Control


Extra layer of security for users logging into Windows, Linux and UNIX systems or who require privilege elevation


Keep accounts secure even if your passwords are compromised


Easily implement one cohesive solution to enforce PCI DSS’ multi-factor authentication (MFA) requirements across your enterprise for all your local, remote users and third party users who require access to your sensitive data environment


Reinforce privileged access policies with additional multi-factor authentication (MFA)


Guard against cyber threats to prevent access to valuable data


Flexible choices for MFA challenges, including those you already own — RSA environments, OATH-based tokens, USB PKI keys and Smart cards including derived credentials for regulatory compliance

Protect Infrastructure by Enforcing Second Factor of Authentication at Login

Centrify Zones, roles, and rights capabilities provide the ability to enforce a second factor of authentication — such as Centrify mobile authenticator, push notification, SMS/text, email, phone call and security questions — for specific users or Windows, Linux and UNIX servers during login.

protect infrastructure with two factor authentication by Centrify

Enforce Step up Authentication When Users Require Elevated Privilege

Users who have successfully logged into a server but need to run highly privileged commands may be prompted for a second factor when elevating privilege, per policy.

MFA for servers built with elevated privilege

Risk-based Policies for Password Checkouts and Privileged Sessions

Identify anomalous behavior while it is happening, by enforcing risk-aware policies for users who are initiating a privileged session or checking out a password. Combining risk-aware policies with role-based access controls, user context and multi-factor authentication (MFA) enable intelligent, automated, real-time decisions on whether to grant privileged access. These dynamically enforced access policies grant the user access, prompt for a second factor of authentication, or block access completely.

Risk Based policies for password checkouts and privilege sessions

Interoperability with Third-party Authentication Methods

Centrify’s MFA capabilities are designed to work well with existing investments in RSA, OATH-based tokens and smartcards such as PIV/CAC. These can all be brought under Centrify’s centralized management and enforced across your enterprise.

MFA for RSA, OATH and smartcards

MFA Everywhere You Need It

Implementing policy-based MFA for every user (end users and privileged users), and every IT resource whether on-premises or in the cloud blocks cyberattacks at multiple points in the attack chain — and protects even when credentials are compromised.

Learn More
MFA for mobile phones & endpoints

White Paper

Becoming PCI Compliant

The PCI DSS 3.2 consists of 12 requirements spread across six domains, with new requirements focused on multi-factor authentication. This white paper examines each of the 12 requirements and identifies the associated Centrify Infrastructure Services and capabilities that help achieve compliance.

Download White Paper