Community
[ Closed ] [Resolved] Server Based MFA
Links used in this discussion
snk-nick,
User (Posts: 59)
Mar 01, 2022 4:59:27 pm EST
Support level: Pro
Currently MFA is enabled per host - I use a self hosted server with custom server security as the only authentication method. It would be nice to enable MFA login for these accounts rather than (or in addition to) the host based MFA.
Pauline,
Support (Posts: 2881)
Mar 02, 2022 8:15:49 am EST
Hello,
Thank you for your message.
Could you please clarify if you mean adding the multi-factor authentication features, such as 2FA to the RU Server's side as well, so that it'd be possible to configure the additional authentication on the Server and apply it to all Hosts at once?
If you mean something else, please let us know.
Looking forward to your reply.
Thank you for your message.
Could you please clarify if you mean adding the multi-factor authentication features, such as 2FA to the RU Server's side as well, so that it'd be possible to configure the additional authentication on the Server and apply it to all Hosts at once?
If you mean something else, please let us know.
Looking forward to your reply.
snk-nick,
User (Posts: 59)
Mar 03, 2022 12:06:54 am EST
Support level: Pro
I'm talking about 2FA to log into the server via the viewer - that way any host set up to use custom server security effectively has 2FA enabled by default and is much simpler to manage in large numbers.
So when I fire up the viewer I am asked for a 2FA token once. Perhaps also add an option to require a 2FA code entered before any action is taken on a host as well.
So when I fire up the viewer I am asked for a 2FA token once. Perhaps also add an option to require a 2FA code entered before any action is taken on a host as well.
Pauline,
Support (Posts: 2881)
Mar 03, 2022 8:30:36 am EST
Hello,
Thank you for the clarification and the provided details.
I will forward your feature suggestion to our development department for a review to see if we can implement it in our future updates.
Please let us know if you have more questions.
Thank you for the clarification and the provided details.
I will forward your feature suggestion to our development department for a review to see if we can implement it in our future updates.
Please let us know if you have more questions.
Pauline,
Support (Posts: 2881)
Mar 05, 2022 3:50:10 pm EST
Hello,
Thank you for your patience.
I've checked on this suggestion with our development department and they have let me know that we plan to implement some similar features in the future updates for Remote Utilities. Unfortunately, there's no specific ETA or any additional details on these features yet.
Hope that helps.
Thank you for your patience.
I've checked on this suggestion with our development department and they have let me know that we plan to implement some similar features in the future updates for Remote Utilities. Unfortunately, there's no specific ETA or any additional details on these features yet.
Hope that helps.
E S,
User (Posts: 4)
Feb 02, 2023 6:54:44 pm EST
Support level: Starter
I would like to second this feature request.
The MFA token should be unique to each user. Currently, when multiple users need to access the same host, the current host-based 2FA becomes a pre-shared key.
Also, server-based MFA would avoid the time synchronization problem with the host-based 2FA.
https://www.remoteutilities.com/support/forums/messages/forum2/message12302/2371-two-factor-authentication-time-synchronisation#message12302
Sometimes, it is hard to enforce NTP sync of our customer PCs.
Time sync of our custom authentication server is much easier to manage.
The MFA token should be unique to each user. Currently, when multiple users need to access the same host, the current host-based 2FA becomes a pre-shared key.
Also, server-based MFA would avoid the time synchronization problem with the host-based 2FA.
https://www.remoteutilities.com/support/forums/messages/forum2/message12302/2371-two-factor-authentication-time-synchronisation#message12302
Sometimes, it is hard to enforce NTP sync of our customer PCs.
Time sync of our custom authentication server is much easier to manage.
Pauline,
Support (Posts: 2881)
Feb 02, 2023 7:07:38 pm EST
Hello,
Thank you for your message.
I will forward your input to our developers as well, so they can take this into account when working on this functionality. I'll update this thread if there are any updates on this feature or when it becomes available.
Let us know if you have more questions.
Thank you for your message.
I will forward your input to our developers as well, so they can take this into account when working on this functionality. I'll update this thread if there are any updates on this feature or when it becomes available.
Let us know if you have more questions.
* Website time zone: America/New_York (UTC -5)