MFA Setup -- dont want to download a TOTP

Kristin Acree · ‎05-02-2025

Some of my users don’t want to use TOTP on a personal phone, don’t have a work phone, or don’t have smartphones at all. While I know they can install an authenticator app, they’d prefer to use email from the start without being forced to download anything.

Is there a way to default certain users to email authentication during setup? Most users have work phones, so enforcing the email option for everyone isn’t ideal. Ideally, users should be able to choose their authentication method upfront. Yes, I know email can be set after the second login, but some users don’t want any work-related apps on personal devices. I’m looking for a way to skip the initial TOTP setup and go straight to email for specific users.

Randheer Singh · ‎05-12-2025

You can use the email factor policy to only enforce MFA with email OTP.

In this blog, I have covered SMS OTP, but similar steps can be used for email OTP.

https://www.servicenow.com/community/platform-privacy-security-blog/multi-factor-authentication-with...

View solution in original post

shun6 · ‎05-02-2025

Hi @Kristin Acree ,

This post could be helpful.

Solved: How do I configure MFA to offer only Email OTP or ... - ServiceNow Community

Thanks.

Kristin Acree · ‎05-12-2025

This is close, i don't want to see the setup screen at all with the QR code. I want some users that are in a certain group to not even see the setup, i just want the email to be the default option for some users.

I followed the directions from that article, but i still keep getting the QR code for setup.

Randheer Singh · ‎05-12-2025

You can use the email factor policy to only enforce MFA with email OTP.

In this blog, I have covered SMS OTP, but similar steps can be used for email OTP.

https://www.servicenow.com/community/platform-privacy-security-blog/multi-factor-authentication-with...

Kristin Acree · ‎05-19-2025

Thanks that did the trick!