By Rajat Bhargava Posted January 26, 2017
Recently, we were asked if our Identity-as-a-Service platform supported Linux MFA (multi-factor authentication). The answer is yes. Our IDaaS solution called Directory-as-a-Service® has built-in Linux 2FA support. On a related topic, it also supports MFA for macOS and to our user and admin portals.
Breaches and Compromising Situations
The concept of multi-factor authentication has gained a great deal of attention lately. Network breaches are at all-time highs right now.
The top method of entry is to compromise user credentials:
Hackers are using poor user security hygiene against IT organizations. Many end users leverage the same username and password for their personal accounts and business accounts. This means that when a consumer website or application is hacked, those credentials are often the same for business solutions, such as G Suite, Microsoft Office 365, or others.
Despite the IT organization’s best efforts, a compromise at a completely unrelated site can adversely impact the organization’s business.
Use MFA to Secure User Identities
One significant method to secure user identities is to add multi-factor authentication to the login process. After a user has entered their username and password, the Linux system will ask for a token. This token or pin code is generated by a smartphone application, for example, Google Authenticator.
As a result, to log into the device, a user must know the password as well as have the pin code. This second factor is what makes it near impossible to hack the login process. Even if hackers have gained the user’s credentials, they must have the pin code as well. It should be noted that the pin code is rotated every 60 seconds.
“The Old Way” to Get MFA on Linux Devices
Adding MFA to Linux machines has traditionally been a third-party add-on solution for IT organizations. Historically, IT admins have leveraged Microsoft Active Directory® for their core directory service. Add-on solutions are then purchased to help manage Linux machines. And yet another solution is added to implement Linux MFA.
The New Way to Linux MFA
Modern, cloud-forward organizations have shifted to the Identity-as-a-Service solution Directory-as-a-Service. This cloud-hosted directory service has included Linux user and device management support as well as Linux MFA. IT admins can now centrally manage all of their systems – Windows, macOS, and Linux – in addition to securely connecting users to those systems.
If you would like to learn more about how the Identity-as-a-Service function for Linux MFA increases security, drop us a note. Or sign up for a free account and try our virtual identity provider for yourself. Your first 10 users are free forever.