Hi.
What token app are you using? Like I say all the push notification 2fa systems I am using are using their own apps:
Microsoft AzureAD and personal accounts: Microsoft authenticator app
Google accounts: Youtube
Banking: Banking app provides push notifications for 2fa.
Salesforce: Salesforce authenticator
Okta: Okta authenticator
Ping: Ping authenticator
Those last 2 are for clients I do work for and the authenticator I think also sends my location to the auth provider so they can see where I work.
Right now for everything else using 2fa I store the tokens in Bitwarden. Guarding Bitwarden I have some Ubikeys and also store a 2fa token in Microsoft Authenticator as it backs up to my Microsoft account. The Bitwarden browser extension and iOS app supports filling in the 2fa tokens automatically for a given site.
I am thinking of extending Bitwarden out to a family subscription with my parents but haven't done it yet as waiting to see how the new unified open source Docker image works out for people in which case I will host it myself. If I go this route I would buy a pack of Ubikeys and set things up so people can use either the Authenticator app with a code to log in or the Ubikey. They will need to have their master password of course.forget their passwords all the time.
Andrew.
-----Original Message-----
From: David Mehler
Hi.
What sites are you trying to use with 2fa? Some of them have the option of using a push service, some don't. The ones that use a push service generally require a special app to get it working, meaning you can have several 2fa apps on the phone to provide push services for each one.
I myself use Bitwarden and have the tokens stored in there and have that protected by a Ubikey. Means I don't need to type in the 2fa codes.
Thanks. Andrew.
-----Original Message----- From: David Mehler
Sent: Monday, April 24, 2023 2:04 AM To: blind-sysadmins Subject: [Blind-sysadmins] Implementing 2FA push authentication Hello,
I'm trying to get 2FA going for some users. I'm finding the user experience difficult to sell as they don't like entering the user codes. What I'm trying to do is get 2FA push notifications going, where they get the notification of where the authentication is being made from and other information, and they just tap confirm.
Ideally i'd like to make this as easy as possible.
Suggestions? Thanks. Dave. _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org
_______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org