Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

AD Two Factor Authentication

Posted on 2013-01-21
3
Medium Priority
?
630 Views
Last Modified: 2013-01-25
Hello Everyone,
I’ve been tasked with getting information about enabling two factor authentication for users to log on to our domain. I’m not familiar with how to do this. I was hoping to get some insight from you all and check to see if anyone is doing this, how hard it is to implement, software/hardware needed and if it’s the whole domain or can you turn it on per user?
0
Comment
Question by:msidnam
3 Comments
 
LVL 8

Expert Comment

by:barrykfl
ID: 38803962
0
 
LVL 2

Author Comment

by:msidnam
ID: 38805320
Something like RSA tokens or this:  http://www.phonefactor.com/.

it would be after putting in your domain password.
0
 
LVL 12

Accepted Solution

by:
Navdeep earned 2000 total points
ID: 38808951
Hi,

Yes it can be done but the password will change each time user logons to the domain. There are vendors out there in the market some are mature and some have just started. What you can do is contact one of these vendors and submit your requirement and they will come with some form of solution for you that you can further explore

http://www.securenvoy.com/
http://www.goldkey.com/solutions/active-directory/
http://www.quest.com/defender/

All of them have hardware and software token.

Hope that helps
Regards
Navdeep [ExchangeADTech]
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question