Pages

One-Time Passwords with OneLogin and YubiKey

Using multiple authentication factors is an effective way of preventing someone from accessing your sensitive data even if they manage to get hold of your username or password. For a brief introduction to the topic, read the article Authentication Factors.
OneLogin supports both VeriSign VIP Access and Yubico's YubiKey for one-time password generation. These solutions fall the "something you have" category, which means that if you successfully authenticate, the authenticating party knows that the user has the key in their possession. This significantly reduces the chances of someone else hacking into that user's account.

Enabling OTP

In order to use OTP with OneLogin, one of your account's admins has to turn it on. This is done under Security -> OTP.
otp_config.png
OneLogin lets you use VIP Access and YubiKey at the same time, which is an advantage if you have different users with different needs. For example, someone who works from an office all day maybe prefer YubiKey because of its easy-of-use while someone who travels may prefer VIP Access because always it's in their phone.
OTP can be required for all administrators only, all users or select users.

Registering OTP Devices

 

In order for an OTP device to be used, it must be associated with a user. This can be done manually by the administrator user by user, but that's not practical on a large scale, especially with VIP Access where only the employee has access to the device. If OTP is required for a user, the user will be prompted to register the device at the first successful login.

Configuring users

Once OTP is enabled for, you will be able to register the device on the individual users as shown below. Go to People -> Users and select a user. This is also where you deregister OTP devices.
otp_edit_user.png
To register a YubiKey, insert the key in the USB port and press the button. This will insert a 30 long string in the field of which the first 12 will be stored on the user. These 12 character uniquely identify the key and are now tied to this user.
To register VIP Access, enter the Credential ID shown in the mobile application.
Make sure you that you register your own key before you log out, or you will not be able to log in again.

When is OTP Required?

Use the required setting to enforce whether users have to use OTP at every login or just when they log in from an unknown or expired browser.

Logging in

Once OTP has been turned all, all users will see a login page as shown below. Once Email and Password have been entered, a YubiKey or VIP Access field will appear.
otp-login.png

More Here


Courtesy:http://support.onelogin.com/entries/129685-yubikey-guide

11 comments:


  1. Greetings. I know this is somewhat off-topic, but I was wondering if you knew where I could get a captcha plugin for my comment form? I’m using the same blog platform like yours, and I’m having difficulty finding one? Thanks a lot.
    Best AWS Training in Chennai | Amazon Web Services Training Institute in Chennai Velachery, Tambaram, OMR
    Advanced AWS Training in Bangalore |Best AWS Training Institute in Bangalore BTMLA ,Marathahalli

    ReplyDelete
  2. Wow it is really wonderful and awesome thus it is very much useful for me to understand many concepts and helped me a lot. it is really explainable very well and i got more information from your blog.
    microsoft azure training in bangalore
    rpa interview questions and answers
    automation anywhere interview questions and answers
    blueprism interview questions and answers
    uipath interview questions and answers
    rpa training in bangalore

    ReplyDelete
  3. This is most informative and also this post most user friendly and super navigation to all posts... Thank you so much for giving this information to me.. 
    Best Devops Training in pune
    Devops Training in Bangalore
    Power bi training in Chennai
    Microsoft azure training in Bangalore

    ReplyDelete
  4. Your story is truly inspirational and I have learned a lot from your blog. Much appreciated.
    python Course in Pune
    python Course institute in Chennai
    python Training institute in Bangalore

    ReplyDelete
  5. This is really impressive post, I am inspired with your post, do post more blogs like this, I am waiting for your blogs.

    CCNA Training in chennai

    ReplyDelete
  6. Best Content Writing Courses in Bangalore with 100% Placement Assiatance. Work On Live Projects & Premium Tools. Content writing certification course.
    https://onlineidealab.com/digital-marketing-training/

    ReplyDelete