Login
    Contenu x
    Additional Administrator Considerations for Authentication with OTP
    • 21 Nov 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Additional Administrator Considerations for Authentication with OTP

    • Mis à jour le 21 Nov 2024
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    • You need to provide information about which credentials are required for authentication together with the Digipass authenticator, i.e. one-time password, server PIN, and/or static password.
    • You can configure Digipass Authentication for Windows Logon (via Digipass Authentication for Windows Logon Configuration Center or via Group Policy) to display a notification if the grace period is about to expire upon every authentication attempt with the static password (on the Welcome screen or in the Status Hover Pane).

    • You can configure Digipass Authentication for Windows Logon (via Digipass Authentication for Windows Logon Configuration Center or via Group Policy) to enforce OTP authentication for users who have a Digipass authenticator assigned. This will disable the default credential provider on the Select User screen, and users can only select DIGIPASS Authentication. Users who have a Digipass authenticator assigned can only authenticate with OTPs, while users who do not have a Digipass authenticator assigned may use their static password.

      The behavior of the Filter credential providers option can be different in RDP scenarios, especially with multiple domains. Consider a scenario where a user is already logged on (computer A) and attempts to connect to another workstation or server (computer B) via remote desktop (RDP), where both computers have Digipass Authentication for Windows Logon installed (but with different configuration settings). If computer B requires OTP authentication but computer A does not, the user may not be required to use an OTP when connecting from computer A to computer B via RDP (because of the settings of computer A). This behavior is caused by a Windows security limitation that forcibly uses the credential provider settings of the source computer and cannot be circumvented in newer Windows versions.

    • You can configure Digipass Authentication for Windows Logon (via Digipass Authentication for Windows Logon Configuration Center or via Group Policy) to display contact information to inform users about whom to contact in case they forgot/lost their Digipass authenticators to request a backup Virtual Mobile Authenticator.
    • You can configure Digipass Authentication for Windows Logon to enforce static password verification when performing offline authentication by disabling Stored Password Proxy and setting Back-End Authentication to Always in the OneSpan Authentication Server configuration.

    • You can configure Digipass Authentication for Windows Logon (via Group Policy only) to always use separate credential fields for the password and the OTP on the Windows Logon screen (see Configuring the Windows Logon screen ).

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle