VPN with Two Factor Authentication

Written by George Lattimore on June 26, 2019

Share This Article

The use of virtual private networks (aka VPNs) remains common for connecting users to their critical networks and IT resources. Therefore, it should come as no surprise that IT admins, managed service providers (MSPs), and DevOps engineers are interested in combining 2FA (two-factor authentication) with VPNs for stronger security. 

Two-factor authentication has quickly become one of the most popular and effective security innovations around, and as such, is being integrated as a defensive layer wherever critical resources are accessed. When used in conjunction with a VPN, for instance, 2FA can add an essential network access filter that screens out bad actors and protects the underlying digital assets. Let’s look into this further to explore the value of adding 2FA with VPNs, and what services you can lean into for streamlined security. 

How 2FA Fortifies Network Access

The idea is relatively straightforward: as users log into their IT resources, they’re prompted for a second factor to verify their identity. No matter whether the user is connecting to systems, applications, WiFi, or of course, their VPNs, their credentials must be confirmed to ensure security.

End users enter their normal credentials, which are usually just a username and password into the IT resource, and then a second factor steps in that requires copying a 2FA token generated on the end user’s smartphone or a fob. By leveraging something that the person knows along with something that they individually have, IT admins can be much more certain that the correct person has been granted access.

This process is especially valuable for VPNs. Generally speaking, VPNs have been used to link users to their high-value IT resources, and this process was often done through the corporate network for remote users. These days, VPNs are commonly set up for technical users to access their cloud infrastructure hosted on Amazon Web Services (AWS), Google Cloud Platform (GCP), or perhaps a traditional data center in a remote location. 

Using Directory-as-a-Service to Streamline Security

IT admins can now leverage a third-party RADIUS-as-a-Service solution to backend their VPN infrastructure, but, why would they take this approach? Well, for one, it’s incredibly easy to set up. IT admins and DevOps engineers can simply point their VPNs to authenticate through a cloud RADIUS service

Secondly, a cloud RADIUS service effectively avoids the need for any on-prem infrastructure, while still giving admins the identity management control they need over their VPNs.

Add on the ability to combine industry-standard features like two-factor authentication with RADIUS, and you can start to see why over 75k organizations are using JumpCloud for their identity management. 

Are you interested in trying out 2FA on your VPNs? Directory-as-a-Service is completely free for your first 10 users, so get started exploring the platform in full, today. If you’d also like to see a personalized demo, a JumpCloud product expert will be more than happy to walk you through how it works in a live demo. 

George Lattimore

George is a writer at JumpCloud, a central source for authenticating, authorizing, and managing your IT infrastructure through the cloud. With a degree in Marketing and an MS in Public Communications and Technology, George enjoys writing about how the IT landscape is adapting to a diversified field of technology.

Continue Learning with our Newsletter