In multiple conversations with clients there is often the question around how does the NetIQ Smartphone App compares with Google authenticator and often enough the feedback is that the NetIQ Smartphone app is relatively more secure due to the fact that it supports the pin/biomentric to authenticate the user before he/she can access the OTP sequence.
Following the same principle, it will be good be able to protect the desktop OTP app with a chain so the user will have to provide a response to the authentication challenge before being able to have access to the OTP sequence. Perhaps it could work similar to the windows integration and cached methods?
Also, the Configuration web portal is accessible via username/password configuration. It will be good if once could assign chains to this portal similar to the "/admin" portal to improve its security as this portal provides access to critical administration functions such as enable/disable ssh.

by: Bruno U. | over a year ago | Configuration