Two Factor Authentication on a small network Yubikey?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

bernard038

Regular Contributor
Hi All,

We have a small network (windows, domain based, two DC's, approx ten users) and as security is a issue in our company (we are active in mental health services, so most information we handle is part of doctor patient confidentiality), passwords are growing longer and more complex. This is annoying to my users..

So i am thinking about implementing two-factor authentication. BUT, most solutions are targeted on larger enterprises. and i really do not want additional serverfarms to handle authentication. So maybe the Yubikey - Authlite solution might work for us... BUT does anyone have any experience with this combination?

Maybe there are other solutions which might work, so if you have another option, let me know! (please bear in mind i don't provide our users with phones, so any phone-based solution is out of the question....)

Cheers, b.
 

RMerlin

Asuswrt-Merlin dev
Just an idea - how about an OAUTH-based solution, using a smartphone soft token software (like Google Authenticator)? Assuming everyone owns a smartphone.
 
  • Like
Reactions: KW.

bernard038

Regular Contributor
Hi RMerlin,

Just an idea - how about an OAUTH-based solution, using a smartphone soft token software (like Google Authenticator)? Assuming everyone owns a smartphone.
Thank you for your answer, afaik Yubikey uses OAuth.. And a phone based solution is not viable, as i dont hand company smartphones to my employees.....
 

coxhaus

Part of the Furniture
I have no experience with Yubikey - Authlite but I am trying figure this out. So is this extra security going to protect your network from your staff? I am trying to figure out what you are gaining. Cisco has a way to lock down hardware I have seen it in their switches. It looks like you run Cisco hardware.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top