× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2018

RE: Two factor auth for iSeries V7R2

Hello Chris,

I ran this past the internal security team.

Here's the feedback I received:

Access Authenticator does not currently or have plans to use email or SMS texting of second factor codes. Both of those methods are considered very insecure and NIST recommends that they are not used in this manner.
You only need to look back a short time to see a compromise of a major companies systems because an insecure second factor was compromised and used maliciously.

https://www.reddit.com/r/announcements/comments/93qnm5/we_had_a_security_incident_heres_what_you_need_to/

The same goes for voice calls as a second factor - NIST recommends against them. They are easy to spoof and insecure.

Beyond the use of the mobile apps Access Authenticator also supports:
-Printed OTP one time pass codes
-Soft token generated OTP from a user's desktop
-Physical tokens using a YubiKey hard token

** RADIUS and RSA physical tokens are on the roadmap.

Hope this helps.

[HelpSystems]<https://www.helpsystems.com/>

Richard Schoen
Director of Document Management Technology

e. richard.schoen@xxxxxxxxxxxxxxx
p. 952.486.6802 | m. 952.486.6802



From: Richard Schoen
Sent: Tuesday, August 14, 2018 7:21 AM
To: midrange-l@xxxxxxxxxxxx
Subject: RE: Two factor auth for iSeries V7R2


Probably worth a call to the sales team to see what's in store of if it already has this feature.

http://www.helpsystems.com

Regards,

Richard Schoen
Director of Document Management
e. richard.schoen@xxxxxxxxxxxxxxx<mailto:richard.schoen@xxxxxxxxxxxxxxx>
p. 952.486.6802
w. helpsystems.com

----------------------------------------------------------------------

message: 1
date: Mon, 13 Aug 2018 20:34:26 +0000
from: Christopher Bipes <chris.bipes@xxxxxxxxxxxxxxx<mailto:chris.bipes@xxxxxxxxxxxxxxx>>
subject: RE: Two factor auth for iSeries V7R2

Looks promising but I am hoping for an email with a secondary logon code and not a phone application. We cannot force our users to have a cell phone that can run such an application or want to provide a cell phone to all of our users.

Chris Bipes
Director of Information Services
CrossCheck, Inc.


-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxx<mailto:midrange-l-bounces@xxxxxxxxxxxx>> On Behalf Of Richard Schoen
Sent: Monday, August 13, 2018 12:56 PM
To: midrange-l@xxxxxxxxxxxx<mailto:midrange-l@xxxxxxxxxxxx>
Subject: RE: Two factor auth for iSeries V7R2

I believe we have something as part of our Powertech offerings.

Not sure if it works with V7R2 or not.

Check out the following link or reach out to the sales team.

https://www.helpsystems.com/products/multi-factor-authentication-software-ibm-i

Regards,

Richard Schoen
Director of Document Management
e. richard.schoen@xxxxxxxxxxxxxxx<mailto:richard.schoen@xxxxxxxxxxxxxxx>
p. 952.486.6802
w. helpsystems.com




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.