Educause Security Discussion mailing list archives
Re: Microsoft MFA and Authentication FOBs
From: Andreas Paulisch <apaulisch () BROCKU CA>
Date: Mon, 13 Aug 2018 14:54:06 +0000
We are using Microsoft MFA. The preferred method is a smart phone.. For folks who don't have one, or refuse to play nice, we used OATH tokens for some applications. OATH tokens can't be used for all our MFA setups. For example, we use MFA to secure RD Gateway connections. MFA wedges itself into the RADIUS authentication stream between the RD Gateway and the RADIUS server. Long story short, cell phones work great, because the phone itself is the user interface. OATH tokens don't work, because there is no place in the entire process for users to enter their PIN from the token, so oath tokens can't participate. You could fall back on the "phone call to a registered number" method, but we didn't like that. It just wasn't a flexible enough solution.. We made cell phones mandatory. Any application the used ADFS and MFS works great. From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Pardonek, Jim Sent: Monday, August 13, 2018 10:17 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Microsoft MFA and Authentication FOBs Greetings, Curious if anyone out there is using Microsoft MFA and what they use for folks that don't have or want to use a smartphone. Is there additional software or a way to integrate OATH based tokens? Thanks, James Pardonek, MS, CISSP, CEH, GSNA Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 *: (773) 508-6086 Loyola University Chicago will never ask you for your username or password. For the lastest information security news at Loyola, please follow us online, Twitter: @LUCUISO Facebook: https://www.facebook.com/lucuiso/ Our Blog http://blogs.luc.edu/uiso/
Current thread:
- Microsoft MFA and Authentication FOBs Pardonek, Jim (Aug 13)
- Re: Microsoft MFA and Authentication FOBs Gomez, Joshua (Aug 13)
- Re: Microsoft MFA and Authentication FOBs Andreas Paulisch (Aug 13)
- Re: Microsoft MFA and Authentication FOBs Joel McKenzie (Aug 13)
- Re: Microsoft MFA and Authentication FOBs Gregg, Christopher S. (Aug 13)