Multi factors authentication

There are 3 kinds of authentication factors:

A strong authentication is the combination of 2 different kinds of factors.
So in order to protect an application, it's important to do a multi factors authentication (or MFA).

Create an access-rules with MFA

If you already have users and applications, you can create access-rules in order to define how users will authenticate to an application.
You can find the detail using the URL: access rules

Setup the allowed factors

Trustelem factors, used in addition to the password, are:

mfa.png

Usually a multi factors authentication asks first the password then the second factor.
But LDAP protocol doesn't support this flow.

To setup the allowed factors, , you have to use the URL:

https://admin-mydomain.trustelem.com/app#/security/auth

On this page, there are 3 parameters: Login, Auto-enroll, User can reset token auth-factors.png

Login parameter

For a chosen factor, you can activate the option login for all users or for specific users.
When it's done:

Auto-enroll parameter

This feature is deprecated, it will be removed soon and you should not use it.

User can reset token parameter

For a chosen factor, you can activate the option User can reset token for all users or for specific users.
When it's done, the defined users can use their dashboard to reset this factor:

https://mydomain.trustelem.com/#security

mfa3.png

Enrollment

Individual enrollment using dashboard

This has to be done by a Trustelem administrator enroll1.PNG

Individual enrollment using email

This has to be done by a Trustelem administrator enroll2.PNG

Enrollment campaign

1.PNG

2.PNG

If you check the Enable enroll during login option, it will activate the new Auto-enroll feature :

mfa2.png


Revision #7
Created 1 July 2022 08:24:56 by WALLIX Admin
Updated 23 December 2022 14:12:23 by WALLIX Admin