--- title: Bypass MFA for a specific user description: You can bypass multi-factor authentication (MFA) for a specific user for a specific duration. This suspends the requirement for a user to authenticate using their secondary authentication method for the specified amount of time. component: pingone page_id: pingone:directory:p1_pid_bypass_mfa canonical_url: https://docs.pingidentity.com/pingone/directory/p1_pid_bypass_mfa.html section_ids: steps: Steps --- # Bypass MFA for a specific user You can bypass multi-factor authentication (MFA) for a specific user for a specific duration. This suspends the requirement for a user to authenticate using their secondary authentication method for the specified amount of time. ## Steps 1. Go to **Directory > Users** and browse or search for the user that you want to edit. 2. Click the user entry to open the user details panel. 3. In the **Services** list, select **Authentication** and enter or edit authentication information. 4. To bypass MFA for single sign-on (SSO), in the **Multi-Factor Authentication** section, click **Allow MFA bypass**, and then in the **Bypass** modal, select the bypass duration and click **Bypass**. The bypass time remaining and a **Resume** link are shown. Click **Resume** to resume MFA for the selected user. 5. (Workforce only) To bypass MFA for a specific service, in the **Integrations** section, next to the relevant service, click the **More Options (⋮)** icon and then select **Disable** or **Bypass**. Bypassing a service suspends the need for a user to authenticate using the secondary authentication method for a specified amount of time. | | | | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | Audit events for bypassing a non-SSO service are only logged in the legacy PingID admin portal PingID report, and appear in the format `{service-name} bypass` |