Enhance the security of access to your JPlatform site
Enhance the security of access to your JPlatform site with a strong two-factor TOTP (Time based One Time Password) authentication.
When to use this module?
Do you want to strengthen the security of your Digital Workplace for certain employees? With the TOTP module you can activate two-step authentication for a target population: for these users the authentication verifies that they are the owner of the mobile phone they have previously configured.
What does this module offer?
The TOTP module allows you to set up a strong two-factor authentication: this requires the user to enter a unique and time-limited TOTP code in addition to his usual password. This code is generated by a two-step authentication application that the user will have previously installed on his mobile phone.
For users whose authentication is configured as two-factor authentication with this module :
When they log in for the first time, they will have to scan a QR code with a two-step authentication application (Google Authenticator, Microsoft Authenticator, Lastpass Authenticator, etc.).
They will have to fill in the generated TOTP code in order to validate their phone.
To authenticate themselves, they will now also need to enter the TOTP code generated by the two-step authentication application.
Once authenticated, they can choose to declare the asset they are using as a Trusted Device: the TOTP code is then no longer required for this asset during the validity period of the Trusted Device.
The module allows a simplified administration, thanks to which it is possible to configure :
The possibility to use recovery keys
Groups for which two-factor strong authentication is not required
Groups for which two-factor strong authentication is required
If two-factor strong authentication is required for administrators
The validity period of the trusted devices
The administrator can also reset a user's AWAY-TO-PAY when the user no longer has access and is unable to authenticate.
What our customers like
A solution compatible with multiple authentication applications
This solution is compatible with all authentication applications following RFC-6238, including many free, proprietary or open source applications to be installed on mobile, iOS or Android. Our users can therefore choose to install the application that suits them best on their own phone.
Ease of implementation
The security policy defined by our CISO indicated that all accesses with advanced write privileges, technical and functional administrators, should be subject to strong two-factor authentication. With the TOTP module, the configuration was quick and the users concerned were able to configure their TOTP very simply.
By Administrateur Jalios,
May 14, 2020,
in the category : The product, Good practices