CertCentral account configuration settings for two-factor authentication
DigiCert requires all CertCentral accounts to use two-factor authentication. To configure or edit two-factor authentication rules for your CertCentral account, you must be an account administrator.
By default, CertCentral requires you to use your credentials and a one-time password to access your account. When working with your account manager to set up two-factor authentication for your account, you can configure it to use a one-time password or a client certificate for the second factor.
One-time password (OTP)
This setting requires all account members to use their credentials (username and password) and a one-time password to sign in. When signing in to CertCentral, you must initialize your OTP application or request a one-time passcode verification email.
You can still configure rules for individuals, allowing them to use a client certificate as their second form of authentication.
Client certificate
This setting automatically requires all account members to use their credentials (username and password) and a client certificate to sign in. When signing in to CertCentral, you must generate and initialize their client certificate to access your account.
You can still configure rules for specific individuals, allowing them to use a one-time password (OTP) as their second form of authentication.