Completed

Support for OTP (One Time Password) - Strong Authentication

by: Ludovica C. | over a year ago | Administration
This idea is
closed for voting.
return to idea list

To allow further protection than standard username/password, it would help to have OTP/Strong Authentication support added to Filr.

Please consider both types: OTP Software solutions (like http://www.mcafee.com/us/products/one-time-password.aspx, which would help the BYOD cause) or Physical solutions (like the well known http://www.emc.com/security/rsa-securid/index.htm?fromGlobalSelector).

by: Ludovica C. | over a year ago | Administration

Comments

  • I agree that filr should support strong (multifactor) authentication. Question is, if that is requred for all users or maybe it should be enough for internal users only.
    With external users there is problem with user provisioning. I think it could be only done if filr would have some kind of integegration with OTP system, which would be hard because there are so many different OTP solutions.
    My suggestion is that filr uses different URLs for internal and external/public users. With that change administrator could require different authentication using some kind of access management solution, like NetIQ Access Manager.

    by: Sebastijan S. | over a year ago

  • The request I had is for internal users (coming from eDirectory/LDAP) but I don’t fully understand your comment that some integration with OTP would be needed for external users: I think an integration with OTP is needed in both cases: Filr must request the OTP (together with username/password) that in turn must be passed to the OTP solution. Please see what we used to do with GWise Web Access & NordicEdge (now MCAfee’s OTP): https://www.novell.com/coolsolutions/tools/19012.html
    Now, if each OTP solution has its own proprietary way to integrate is something I honestly don’t know (and would be glad if anyone can confirm or not, I assumed somehow there was a standard protocol adopted by all OTP vendors).

    by: Ludovica C. | over a year ago

  • Think it should be a good idea, to have an OTP to LDAP Users (internal), and an non OTP Login for Local (external) Users!

    by: Ramon B. | over a year ago

  • Great idea but administrator can choose which users can use OTP.

    by: Roch H. | over a year ago

  • Good idea - Noted!

    by: Devadas K. | over a year ago

  • We will be bringing support for Multi-Factor Authentication in Filr by integrating with Advanced Authentication (https://www.netiq.com/products/advanced-authentication/)

    This is planned for Filr 3.2 release.

    Note that in the first phase we will be supporting Multi-Factor authentication for LDAP users.

    Related idea: https://ideas.microfocus.com/MFI/novell-filr/Idea/Detail/1749

    by: Devadas K. | over a year ago

  • Thanks for all your inputs and interests on this.

    This is now available as part of Filr 3.2 (Released last week).

    Marking this idea as completed.

    by: Devadas K. | over a year ago