Add a feature that stops user-based simple chain use. Normally, if a user authenticates using a high-security chain, they are able to then use the simple chain on any workstation with NetIQ as long as it is in the time window. This feature would stop that.

Example: LDAP Password+Card is a high-security chain and Card is a simple chain. The users must use the LDAP Password+Card chain once in every 8 hours, and within this period they must provide only the Card method to authenticate. However, the simple chain can only be used on the workstation where the high-security chain was used first. Going to a new workstation would require the high-security chain to be used first again before the simple chain.
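The two behaviours described in the request, side by side as a small policy model. This is an added illustration, not NetIQ code: the chain names and the 8-hour window come from the example above, while the `ChainPolicy` class, the `bind_to_workstation` switch and the workstation names are assumptions made here.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, Tuple

HIGH_SECURITY_CHAIN = "LDAP Password+Card"   # from the request's example
SIMPLE_CHAIN = "Card"
WINDOW = timedelta(hours=8)                   # "once in every 8 hours"


@dataclass
class ChainPolicy:
    """Remembers each user's last successful high-security authentication.

    bind_to_workstation=False models the current behaviour (simple chain
    accepted on any workstation inside the window); True models the
    requested feature (only on the workstation of origin).
    """
    bind_to_workstation: bool
    window: timedelta = WINDOW
    # user -> (workstation, time of last high-security chain success)
    _last_strong: Dict[str, Tuple[str, datetime]] = field(default_factory=dict)

    def record_success(self, user: str, chain: str, workstation: str, when: datetime) -> None:
        # Only a high-security chain opens (or moves) the simple-chain window.
        if chain == HIGH_SECURITY_CHAIN:
            self._last_strong[user] = (workstation, when)

    def simple_chain_allowed(self, user: str, workstation: str, when: datetime) -> bool:
        entry = self._last_strong.get(user)
        if entry is None:
            return False                        # never did the strong chain
        strong_ws, strong_at = entry
        if not (strong_at <= when < strong_at + self.window):
            return False                        # outside the 8-hour window
        if self.bind_to_workstation and strong_ws != workstation:
            return False                        # requested feature: wrong workstation
        return True


def demo() -> Dict[str, Tuple[bool, bool, bool]]:
    """Constructed scenario: strong auth on WS1 at 09:00, then three Card attempts."""
    t0 = datetime(2024, 1, 1, 9, 0)           # constructed timestamp
    results = {}
    for name, bind in (("current", False), ("proposed", True)):
        policy = ChainPolicy(bind_to_workstation=bind)
        policy.record_success("alice", HIGH_SECURITY_CHAIN, "WS1", t0)
        results[name] = (
            policy.simple_chain_allowed("alice", "WS1", t0 + timedelta(hours=1)),  # same workstation
            policy.simple_chain_allowed("alice", "WS2", t0 + timedelta(hours=2)),  # new workstation
            policy.simple_chain_allowed("alice", "WS1", t0 + timedelta(hours=9)),  # window expired
        )
    return results
```

Under the proposed rule the second attempt is refused until the user repeats the high-security chain on WS2, after which WS2 becomes the bound workstation and WS1 no longer qualifies.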

Comments

  • If I understand this correctly, you are asking to limit second-factor caching to the workstation of origin.

    How would you see this applied? Universally, by group, by user, by workstation or other?

    Troy

  • At least having the ability to apply this universally would be great; however, applying it via user group would also be nice.