MFA Setup -- dont want to download a TOTP

Kristin Acree
Mega Sage

Some of my users don’t want to use TOTP on a personal phone, don’t have a work phone, or don’t have smartphones at all. While I know they can install an authenticator app, they’d prefer to use email from the start without being forced to download anything.

 

Is there a way to default certain users to email authentication during setup? Most users have work phones, so enforcing the email option for everyone isn’t ideal. Ideally, users should be able to choose their authentication method upfront. Yes, I know email can be set after the second login, but some users don’t want any work-related apps on personal devices. I’m looking for a way to skip the initial TOTP setup and go straight to email for specific users.

 

Screenshot 2025-05-02 at 8.11.11 AM.png

1 ACCEPTED SOLUTION

You can use the email factor policy to only enforce MFA with email OTP.

In this blog, I have covered SMS OTP, but similar steps can be used for email OTP.

https://www.servicenow.com/community/platform-privacy-security-blog/multi-factor-authentication-with...

View solution in original post

4 REPLIES 4

This is close, i don't want to see the setup screen at all with the QR code. I want some users that are in a certain group to not even see the setup, i just want the email to be the default option for some users. 

 

I followed the directions from that article, but i still keep getting the QR code for setup. 

You can use the email factor policy to only enforce MFA with email OTP.

In this blog, I have covered SMS OTP, but similar steps can be used for email OTP.

https://www.servicenow.com/community/platform-privacy-security-blog/multi-factor-authentication-with...

Thanks that did the trick!