You are viewing limited content. For full access, please sign in.

Question

Question

Support for RSA / two factor authentication

Laserfiche Version 9 Version 8 Version 7 Security
Updated March 26, 2014
asked on May 2, 2013 Show version history

Hi,


Does Laserfiche have support for RSA / two factor authentication.

A VAR did a demonstration to one of the governement agencies today and they were asking if Laserfiche had support for RSA?

0 0

Answer

APPROVED ANSWER
replied on May 3, 2013 Show version history

While we don’t support security tokens directly, we have a few customers that use two-factor authentication where they use a combination of Laserfiche logins and security tokens (also referred to as a hardware token, authentication token, USB token, or key fob). They have it set up such that the authentication with the security token occurs at either the machine level or the operating system level. The user can then log in to Laserfiche using their preferred login method (Windows Authentication or Laserfiche username and password).

 

The order of operations would be something like this:

 

1.      Two-factor authentication with security token at machine level:User turns on their computer and has to insert a key fob into the machine to get authenticated. When Windows boots up, they log into Laserfiche using Windows authentication.

2.      Two-factor authentication with security token at operating system level: User turns on their computer, Windows boots up, and they have to use a key fob to log into Windows. They then log into Laserfiche using Windows Authentication.

 

In other words, the security token authentication takes place outside of Laserfiche, but the overarching goal (two-factor authentication) is still satisfied.

 

 

 

 

1 0

Replies

replied on November 26, 2013

Hi,

 

I have been asked the same question. 

 

While the above does emulate 2 factor authentication, I have a use case where the above won't work.

 

My client's scenario is as follows:

 

You are logging in a public pc or outside the organisation from an unsecured PC using Laserfiche web access. 

Usernames/Passwords, however complex they may be, are prone to phishing attacks or brute force.

This is where a security token would provide an additional layer of security before or after using the username/ password combination.

 

Is there any support for this on Laserfiche or any known implementation of the above?

 

Thanks.

0 0
replied on March 26, 2014

Hello Guys,

 

 

I created a visio on how to implement 2FA using out of the box LF products for a client. Hope this helps to implement the two factor authentication for your requirement.

 

Best,

Himanshu

2FA_LF_Forms.pdf (149.47 KB)
Download
0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...