Jump to content
Hak5 Forums

Archived

This topic is now archived and is closed to further replies.

antidumb

MFA for Windows domain?

Recommended Posts

antidumb   

I have a client that is involved with financial services and is expanding. They're looking to tighten security and I've been tasked with looking at multifactor auth for login. Does anyone have experience with any of these? Something that uses Google authenticator or a Yubikey would be ideal for them. Minimal hardware investment would be key, as most of the sites don't have anyone there that can really do much technically beyond plugging in a flash drive. We've contracted other companies to plug in copiers before; it's that bad. Something that requires little training would be perfect. Anything that we do will need some training and we're good with that, but some of the users are a little confused by change... I've looked at Rohos so far. What are other options?

It's a Windows Domain. 12R2. All clients are 7/8.1/10.

Can anyone offer a bit of assistance?

Thanks!

Share this post


Link to post
Share on other sites
Batman   

You could configure authentication policies on the server.

https://technet.microsoft.com/en-us/library/dn486781.aspx?f=255&MSPPError=-2147217396

From what I've read on here https://technet.microsoft.com/en-us/library/dn280945.aspx it looks like you can setup multifactor login using personal devices, like cell phones.

"By using Workplace Join, information workers can join their personal devices with their company's workplace computers to access company resources and services. When you join your personal device to your workplace, it becomes a known device and provides seamless second factor authentication and Single Sign-On to workplace resources and applications. When a device is joined by Workplace Join, attributes of the device can be retrieved from the directory to drive conditional access for the purpose of authorizing issuance of security tokens for applications. Windows 8.1 and iOS 6.0+, and Android 4.0+ devices can be joined by using Workplace Join"

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×