Jump to content

Search the Community

Showing results for tags 'mfa'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Essentials
    • Announcements
  • Passwordstate 9.x
    • General Support
    • General Hints and Tips
    • Known Issues
    • Installing Passwordstate
    • Feature Requests
    • Feature Requests - Completed
    • 3rd Party Hardware/Software Knowledge Forum
  • Knowledge Base
    • General FAQs
    • Password Resets
    • Remote Session Launcher
    • App Server
    • Passwordstate API
    • Browser Extensions
    • Password Reset Portal
  • Passwordstate 8.x
    • General Support
    • Feature Requests - Completed

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Google Plus Account


Location


Interests


Biography


Location


Interests


Occupation

Found 7 results

  1. Hello, My team and I are currently using TOTP hardware tokens for several non-Passwordstate systems. I'm now looking for the most secure method of enrolling these same tokens for use within Passwordstate as well. As far as I'm aware, the only current method of achieving this is for each individual user to essentially enroll their own OTP seed under their own account settings. I would like to avoid this approach if at all possible since manually disseminating the OTP seeds to each of my team members through typical means (email, messaging, file copy, printing, etc.), jeopardizes their overall security. As the security administrator, it would be nice if I could simply access each team member's account from the admin panel and populate the seed for them. This way I'm the only one laying eyes on the seeds and there's far less risk of them falling into the wrong hands. Thank you for the consideration. Regards, IT-Guy
  2. Hi, I am looking for a new feature, that upon login after entering primary authentication method (e.g. Users/Password) that users will be able to select (from a drop down or similar) their secondary authentication method. For example, if a user had multiple authentication options configured, such as Google Authenticator, YubiKey authentication, Email temporary pin code, they could select the most convenient authentication method at the time of login. Another example could be that users only have YubiKey authentication implemented, and there was an issue with the Yubico API or the internet connectivity of the PasswordState server, users will not be able to login due to the reliance on the Yubico API. In this case the user could choose to use another authentication method, such as Google Authentication which does not rely on internet connectivity allowing them to successfully log in.
  3. Hi Team, I am unsure if this topic will be required to be a feature request or there if these features are currently available, however I am looking to be able to have users select the MFA option upon login. For example, I currently have forms and YubiKey authentication setup, however I would like users to be able to select the MFA option, for example choose between YubiKey/Google Authenticator/etc. Currently if the Passwordstate server was ever to lose connection to the internet/Yubico API, users will not be able to login due to the reliance on the API. If this feature was available, in this scenario users could select Google Auth/Other as their MFA option, and still be able to log in successfully. Is there currently any way to setup this up in the current version of Passwordstate? Any help would be greatly appreciated
  4. Hi, With SAML2 in Azure AD in your documentation (Passwordstate_Security_Administrators_Manual.pdf pages 119-125), this works fine but one parameter is missing in Passwordstate: the logout It's not possible to disconnect users only if the user closes his browser. This logout parameter is https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0 Could you set up the logout parameter in the next build of Passwordstate configuration with SAML2 please ?
  5. Hello, I was not sure how to describe this request in the title... Basically, looking for the feature to require two-factor authentication for all users but give the user the choice on which second factor they use. For example, a user must use AD Authentication and one of the allowed second factor options (Google Auth, Yubikey, etc). Possibly even have the option to support two second factor options. Google Auth and Yubickey (with only one being required at the time of authentication). Does this make sense? Thanks,
  6. Seeking thoughts on the idea of providing "recovery codes" for a user to use in the event that their MFA option does not work, is lost etc. Typically, a web service will allow the saving of a set of recovery codes (typically 5-10) that can be used once to gain access to their account.
×
×
  • Create New...