MFA (Multi factor authentication)
What is it?
Something you know – password
Something you have – phone or token
Something you are – biometrics (fingerprint, face scan)
MFA is all the rage these days, and so it should be. It allows users to add multiple layers of security to protect their identity, their assets and their companies data and assets.
Typical requirements for MFA usually require the user to have a mobile phone. This then enables calls, texts and applications such as the Microsoft Authenticator app to act as possible verification options during the MFA process.
But what if the user doesn’t have a mobile phone? Or has one but doesn’t want to use their personal device for work?
Enter the alternative option…Hardware Tokens!
We have looked at one vendor in particular called Token2
They offer tokens that work with Azure AD MFA, they can be purchased as single tokens or as volume orders, the order process was simple and delivery (even during Covid-19) was relatively quick.
They provided an encrypted/zipped file that contained all the necessary information in .csv format (Azure AD .csv requirements) to upload to Azure AD MFA. Once uploaded it was equally as easy to activate the token for the assigned user.
NOTE: Before you upload the file you will need to edit it in notepad and enter the UPN of the user that will use the token. Do not edit in Excel else it will break functionality of the file once uploaded.
The token experience – My MFA Arsenal
Tokens provide an alternative to otherwise requiring mobile phones for MFA verification.
Token2 in particular made the process easy to order, receive, upload information and configure the device for use.
Their support process (something that is very, very important to me) was also quick (within an hour or less of submitting an email) and I was happily surprised when one of their support personnel even reached out to me via an MS Teams chat when I had questions.