Multi Factor Authentication

All KPN services use the GRIP authentication solution. By default, users log in with a username and password. However, for added security, you can enable two-factor (2FA) or multi-factor (MFA) autentication.

Changes made to authentication settings will apply to all users.

How to configure MFA

These settings can be adjusted by an admin user in the MijnKPN portal:

1. Go to Directories in the menu

2. Select GRIP

3. Open the Authentication tab

You are now in the Authentication settings of your GRIP environment.

Standard setting

Scroll down in the Authentication menu to find the Authentication Level settings.

• The Required Authentication Level score determines the points you need to reach before you can log in successfully

• In this example (standard settings), the points for Credentials (username/password) equal the required score (20), so you can log in without additional authentication methods

Multi Factor setting

Scroll down in the Authentication menu to find the Authentication Level settings.

1. The Required Authentication Level score must be higher than the points for Credentials (username/password) alone.

• In this example (standard settings), Credentials (username/password) provide 20 points, but the required score is 25. This means you need an extra authentication method.

• To enable SMS authentication, assign more than 0 points. Add 5 points so that SMS + Credentials reach the required 25 points.

• To enable Email authentication, assign more than 0 points. Add 5 points so that Email + Credentials reach the required 25 points.

• The settings below show best practice for multi-factor authentication: combining SMS or Email with Credentials creates the required score for a successful login.

Multi Factor login

The login interface for all users has been updated to the view shown below. Simply choose your preferred option to log in successfully.