
strong authentication, what are my options for terminal services?

pbuck
post 17 May, 2008 - 07:00 PM
Post #1


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

I need to authenticate all my remote terminal services users with an out of band service, hopefully with a telephone. I've heard PhoneFactor is pretty good and inexpensive, and have been out to their site, but don't know anyone who has actually used it (would love to use the phone for biometrics too!). Has anyone here tried them?

kakumar
post 27 May, 2008 - 05:43 AM
Post #2


New D.I.C Head

*
Joined: 27 May, 2008
Posts: 14

We've used the free version of PhoneFactor for Terminal Services. Not so bad...

pbuck
post 27 May, 2008 - 05:08 PM
Post #3


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

I'm hoping to manage a token-less implementation. Pain in a butt to manage hardware. Is PhoneFactor significantly easier?

kakumar
post 28 May, 2008 - 07:03 PM
Post #4


New D.I.C Head

*
Joined: 27 May, 2008
Posts: 14

Yup, big point is that you don't have to manage tokens. The other thing is for Terminal Services and some other applications there are some nice utilities that automate setup on the server. Took us a half hour.

frankmantooth
post 2 Jun, 2008 - 02:42 PM
Post #5


New D.I.C Head

*
Joined: 21 May, 2008
Posts: 4

Another nice element: Out of Band 2 factor authentication. After logging in, the system places an outbound call. User simply presses "#" and telephone network informs terminal server (in case of TS implementation--which ours is) that 2nd factor has been fulfilled. Avoids potential phishing problems...

pbuck
post 8 Jun, 2008 - 06:24 PM
Post #6


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

Well, the token management part is what makes a difference for me. We've set up the free PhoneFactor version, it's actually going to be enough for production for a little while. No tokens means no out of synch problems, no lost tokens, no walking through how it works for a lot of needy users.

kakumar
post 10 Jun, 2008 - 02:25 PM
Post #7


New D.I.C Head

*
Joined: 27 May, 2008
Posts: 14

Would be great if there were additional PhoneFactor capabilities available like PIN ID.

pbuck
post 14 Jun, 2008 - 09:17 PM
Post #8


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

There is a pin code option in an enhanced version of PhoneFactor. Need to find out if that means you enter the pincode in the phone, or you get the pincode from the phone (as you would with a token) and enter it into a browser window. The former sounds like a simpler and more secure solution, mainly because of that out of band consideration.

frankmantooth
post 17 Jun, 2008 - 07:06 PM
Post #9


New D.I.C Head

*
Joined: 21 May, 2008
Posts: 4

My understanding is that the pin id feature allows the user to enter the pin into the phone as opposed to viewing the pin supplied through the phone network and then entering it into the browser. To me this is hugely more beneficial because using two separate networks outbound and inbound makes it really hard for phishers.

pbuck
post 18 Jul, 2008 - 12:16 PM
Post #10


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

Recently implemented OWA 2-factor Authentication, which works pretty well and for an unlimited set of users. Upside is that I can use the same system for both TS and for OWA. Downside is I have to pay for the service to support both apps. Pretty modest fee though!

kakumar
post 25 Jul, 2008 - 10:20 AM
Post #11


New D.I.C Head

*
Joined: 27 May, 2008
Posts: 14

Site says you have to pay for customer service at PhoneFactor (ugh...) Seems like the kind of thing where you end up being nickel and dimed...

pbuck
post 25 Jul, 2008 - 08:28 PM
Post #12


New D.I.C Head

*
Joined: 17 May, 2008
Posts: 18

Well, it may look like that, but the positive surprise is that you can actually get some pretty good customer service, help, etc. without having to pay for it. Whenever we have called they've been pretty helpful, even when we haven't upgraded to the paid version.