---
title: "MFA for IIS | UserLock"
description: "Enable MFA for Microsoft IIS with UserLock. Secure access to OWA, RDWeb, SharePoint, and more. No added complexity, no need to change identity providers."
locale: "en"
updated_at: "2025-10-30T10:32:58.063Z"
canonical: "https://www.isdecisions.com/en/userlock/features/mfa-for-iis-apps"
---

# Multi-factor authentication (MFA) for Microsoft IIS

Secure user logons to Microsoft IIS applications with UserLock MFA. Easily configure MFA for OWA, RDWeb, SharePoint, and other web-based services.

- Prevent lateral movement attacks
- Protect access to sensitive data
- Satisfy compliance and insurance requirements
- Combine with granular access controls

### Why UserLock MFA for IIS apps

- Quick configuration
- Easy adoption
- Effective security

### Easily apply MFA for IIS apps

Quickly install and configure the UserLock IIS application. Once configured, the IIS UserLock agent will redirect the user to a dedicated web application where the user can enroll in MFA and complete MFA before accessing the protected Microsoft IIS applications, such as: OWA, RDWeb, Sharepoint, CRM or an intranet website.

### MFA for Outlook Web Access (OWA)

Prevent remote user logons to Exchange mailboxes  with UserLock MFA for OWA.

### MFA for RDWeb

Protect remote user logons to RDWeb with the UserLock  IIS agent, which can be quickly configured to prompt  for MFA after users complete password verification.

## Choose up to two MFA methods for your team

- [Push notifications](/userlock/features/two-factor-push-notification)
- [Hardware tokens and keys](/userlock/features/mfa-security-keys)
- [Authenticator apps](/userlock/features/two-factor-authentication-applications)
