Reference Guide
Multi-Factor Authentication

Using Keystroke to User Behavior Analytics

2min

Keystroke is used to understand the behavior of users on the Single Connect Login screen and is used when only MFA is enabled for the User Group. Working Mechanism ā€¢ Keystroke will become disabled if MFA Users do not log in to the Login screen within a certain day. This number of days can be defined by parameter. ā€¢ The user's Username and Password keyboard typing speeds and accuracy will be checked and measured with a threshold value. If the user does not exceed the threshold value, they will log in without the need for MFA.

To enable Keystroke

  1. Navigate to Administration > 2FA Provisioning > User Group Management.
  2. Click the Enable OTP for User Group
  3. When the Enable OTP button is clicked, the Enable Keystroke Button will become active.
  4. Click the Enable Keystock button.
Enable Keystroke
Enable Keystroke
ļ»æ

Keystrokes can be defined on the existing Single Connect server or externally. For this, the following parameters must be defined in System Config Manager.

Parameter Name

Description

Sample Parameter Value

keystroke.last.login.success.before.days

If the user doesn't have any MFA authentication login(login success with the token) last N days, keystroke prediction is not enabled

Default value: 15

keystroke.api.url

Keystroke Server API URL

keystroke.username.threshold

Username prediction success threshold. The prediction distance must be under the threshold.

Default value: 0.5

ļ»æ