Others want to transfer the authenticator over to a new phone, only to find that Google Authenticator doesn't support this.Īuthy has positioned itself as a top rival to Google Authenticator. Some people have lost their phones and were locked out of their accounts.
You can tell this is a problem by looking through some of the negative reviews for the app. Google Authenticator also doesn't have any backup or phone transfer features. This makes it dangerous if someone gets a hold of your unlocked phone, as they can mess with your codes without issue. It also doesn't hide the codes away when you open the app: every code is visible from the get-go. Google Authenticator doesn't ask you to verify your identity when you open the app. Google Authenticator, on the other hand, has over 10 million downloads to date, making it one of the most popular 2FA authenticators for Android. We are looking, when you get to it, for 2FA, pref supporting Google Authenticator RFCs, built in to AD.ĭoesn't AD have native support (by now, 2016.Google has tried to dip a toe into niches such as social media and gaming, with the latter getting a less-than-stellar score in our Google Stadia review. We are not speaking here of AD FS specifically. Oddly, it appears to be a dev project, requiring some code and its own SQL DB. There is a technet article on how to use google authenticator with Active Directory Federated Services (AD FS): We would like physical login to be as tight as the VPN (and using a similar auth tool). But some tools (like our vpn server), use AD for auth AND support Google Authenticator on top of that. Where We Stand Today: Today, logins to desktop and PCs are via plain jane passwords. this is not about web-oriented OpenID and the like.
(We use google authenticator with Amazon AWS, and many other hosted systems - each of those systems has its own user db.) E.g. We are trying to use the google authenticator tool (or authy or any other tool that implements that RFC) to add 2FA to AD itself. Ultimate Dream: With AD boosted by 2FA in this way, other apps we use that use AD as the directory will (we hope) magically get the 2FA benefit.įor clarity: We are not trying to use google (or other) accounts to log into AD. We thought this would be built in to Server 2016, but it appears not to be? This path is compelling because it is RFC based, and widely used for internet based apps, and the user base already has it and uses it all the time. Use Case: 2FA to log in to Active Directory (such as logging into a corporate desktop computer that is on AD)ĭesired Solution: Google Authenticator-style, RFC based MFA system.
0 kommentar(er)
