Date: Fri, 29 Mar 2024 06:55:18 +0000 (UTC)
Message-ID: <62229864.9.1711695318370@wiki-prod.refeds.org>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_8_675593573.1711695318366"
------=_Part_8_675593573.1711695318366
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
FAQ SFA/MFA
FAQ SFA/MFA
MFA FAQ
- Q: Is comp=
liance to SFA required in order to qualify for MFA?
For a more comprehensive REFEDS MFA F=
AQ please see MFA Profile FAQ=
.
SFA FAQ
- Q: Does SF=
A impose requirements on password lifetime?
- A: No, SFA=
does not require password rotation.
- Q: Are the=
passwords whose secret basis is =E2=89=A572 characters actually required t=
o have special characters?
- A: No, SFA=
does not impose requirements on password complexity. The CSP qualifies to =
the =E2=89=A572 characters if it allows the user to choose their password f=
rom that character basis.
- Q: Does co=
mpliance to one profile of SFA/MFA ensure compliance to the other one?
- A: No. Alt=
hough MFA is considered the more secure profile, the requirements are signi=
ficantly different from SFA and vice versa.
- Q: Does SF=
A require a strict rate limit?
- A: No, SFA=
just requires any protection against online guessing. It is not required t=
o implement specific controls or define a strict rate limit. The organisati=
on itself might decide which measures are appropriate.
------=_Part_8_675593573.1711695318366--