| Authentication Factor | Mobile App Required | Manual Enrollment | Auto-Available |
|---|
| 1 | 🔔 Ditto IDVerify Push | ✅ Required | ❌ No | ✅ Yes* |
| 2 | 📱 Time-based OTP | ✅ Required | ❌ No | ✅ Yes* |
| 3 | 🔒 Password | ❌ Not Required | ✅ Yes | ❌ No |
| 4 | 📲 SMS OTP | ❌ Not Required | ✅ Yes | ❌ No |
| 5 | 📧 Email OTP | ❌ Not Required | ✅ Yes | ❌ No |
*Automatically available after Ditto ID mobile app enrollment
- Automatic Setup: Available immediately after mobile app enrollment
- High Security: Provide strongest authentication security
- Offline Support: Time-based OTP works without internet connection
- Real-time: Push notifications provide immediate authentication
- Explicit Setup: User must manually register during activation
- Independence: Work without Ditto ID mobile app
- Accessibility: Suitable for users who cannot install mobile app
- Flexibility: Multiple communication channels available
| Authentication Factor | Hard-Coded | Configurable | Admin Control |
|---|
| Ditto IDVerify Push Notification | ✅ Always On | ❌ No | Cannot disable |
| Time-based OTP (Mobile) | ✅ Always On | ❌ No | Cannot disable |
| Saved Browser (rememberMe) | ❌ Configurable | ✅ Yes | Can enable/disable |
| Password (alwaysAskForPassword) | ❌ Configurable | ✅ Yes | Can force requirement |
| SMS-based OTP | ❌ Configurable | ✅ Yes | Can enable/disable |
| Email-based OTP | ❌ Configurable | ✅ Yes | Can enable/disable |
- System Level: Administrators control which factors are available
- User Level: Users can only use factors enabled by administrators
- Login Flow: Available factors determine authentication options presented
- Registration: Factor availability affects user activation process