EU Login will reduce the number of times you are asked for your password when using multifactor authentication.
Users are often requested to authenticate with EU Login using a secure second factor in addition to their password, a process known as multifactor authentication.
To make this authentication process more convenient, EU Login will, in a number of cases, skip the password step. This depends on an automated risk assessment of your login attempt that takes into account multiple remembered profiles of information such as your geolocation, browser, network and language when you log in.
You will still be asked for a second authentication factor, such as the EU Login mobile app PIN code or the trusted platform module (TPM) when accessing resources that require multifactor authentication, as described in the EU Login User Guide. However, you will be less likely to be asked for your password.
What do you need to do?
EU Login users are already set up by default to benefit from this automated reduction of password requests, called ‘adaptive authentication’.
However, you can opt out from this feature if you prefer. This can be done by unchecking the ‘Enable adaptive authentication for my account’ option in 'My account' > 'Configure my account' in the EU Login settings at https://ecas.ec.europa.eu/cas/login.
Tip: To make the most of the improvement, check ‘Always require multifactor authentication’. This will further reduce the number of times you are asked for your password for most applications.
Curious to know how it works? When you successfully log in, EU Login stores securely a snapshot of your security profile in your browser. This profile includes information such as your geolocation, browser, network and language.
This will now be available for multiple profiles. This means that you are less likely to be asked for your password, even when you change where and how you access EU Login (for example, when you move from your home to a workspace).
Your login is still secure. The second factor, which is considered more secure than a simple password, will be always required to authenticate to protected resources. Resources that require a password only will always require you to enter your password.
Note: Your security profile is not maintained on the EU Login servers. Instead, it is encrypted and stored on your computer’s local cookies, which you can delete via your browser settings at any time. However, doing so is likely to increase the number of times you are asked for your password.
Source: European Commission