Idea ID 2775770
Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. MFA requires other—additional—credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.
Currently all retrieves from Account Management Web Site(AMWS) requires only password of the user. Since AMWS is a web-based tool for file retrieval, by implementing Multi Factor Authentication here can add an extra layer of security to authenticate validity of the user.
1. Enhanced Security
2. Cross product integration (like Authasas)
1. In AMWS, Upon login with password, a PIN or an One Time Password (OTP) which is sent by the CB server to be entered only at the time of downloading the zip or exe (My-roam expander).
2. User may receive password to his email given during registration or to his enterprise email in case of LDAP users.
1. Admins may configure the MFA at a Community level or at Server level.
2. A similar config page as LDAP community, can be provided to admins/technicians to integrate the MFA server with CB server.
Initial scope can be confined to PIN or OTP to email. This can be extended to be send as a SMS to user mobile also.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.