How to use Google Authenticator to secure access to desktops

How to use Google Authenticator to secure access to desktops

We hear about high profile security breaches frequently. Most of these breaches exploit the system login credentials of end users to get into the company’s network. Therefor, Leading organizations are recognizing this and are beginning to focus on a better secure end user identities.

The requirement of enforcing an additional authentication method is at all time high, therefore MFA became the most popular technology.

These additional factors of authentication require the user to provide something that only the user knows, has and is.

To enable MFA for desktop logon, We use Google Authenticator as OTP Token provider.

How does Google Authenticator algorithm:

Google Authenticator is a mobile app that implements two-step verification. It uses the time based one-time password algorithm (TOTP) and HMAC-based one-time password algorithm (HOTP) for authenticating user logons.

Click here to download Google Authenticator for Apple IOS

Click here to download Google Authenticator for Andoid OS

We seek adding a 2FA security layer to our windows Logon, hence the need to link Google Authenticator to the Authentication tool.

Firstly, we need to scan a unique QR Code provided by the tool is needed.

Google Authenticator Barcode

Secondly, Google Authenticator home page will display the newly scanned account with its unique token.

The same App can support unlimited number of accounts .

The account you enforced 2FA for won’t be able to logon to his Desktop without using a secure Token provided by Google Authenticator on his mobile, However, the user can logon using a set of predefined secret questions in case the App wasn’t available.

2FA added to windows logon

Two-factor authentication prevents hackers from targeting your account, many will simply move on and find easier accounts to break into. And should they target you, they’ll need more than just your password. In addition to your password, a hacker would also need to have your phone.

To find out more about adding Two-Factor Authentication to your organization infrastructure, contact our team.

WhatsApp
Facebook
Twitter
LinkedIn

Get in touch

We respond within 1 hour on weekdays
EXEO Logo white

Paris. Beirut. Dubai.

Reach out

Re-Architect

This methodology requires the most effort to implement but it results in the most optimised recurring cost and will provide the best scalability for apps. This involves re-adapting the code of applications and the heavy use of SAAS solutions in order to replace existing hosted applications.

Re-Platform

This method utilizes the power of  PAAS services, like transferring a database to an as-a-service model,  the use of containers for some apps or the use of network/security functions as a service. Greater scalability and lower cost of operation is achieved.

Re-Host (Lift & Shift)

the migration of workloads from  to the cloud without changing the architecture. Machines get to keep their  OS and apps. This is the quickest and easy way to migrate, but since its  utilising IAAS, its is also the most expensive on the long term.