Skip to content
 

Secret Server Feature: multi-factor authentication

Use multi-factor with Secret Server for robust authentication

Multi-factor is an authentication method based on something you know (a password) and something you have (a one-time token).

What’s the challenge?

When an administrators’ usernames and passwords have been compromised, you need a way to ensure that access to your Secret Server password software is still protected, and the average single-factor authenticator apps just won’t cut it. That’s where our multi-step verification comes in.

Why it’s important

Secret Server holds some of your organization’s most sensitive data and access to it must be secure. Multi-factor user authentication is a security best practice that is easy to enable in Secret Server, and supports many common providers.

How this feature solves it

Multi-factor authentication ensures that even if a password is stolen, a malicious user can’t access Secret Server. It helps confirm that a user is who they say they are and is not a malicious user impersonating them to gain access. It also assists in quicker account recovery.

Is your organization forced to meet regulatory compliance guidelines? By using multi-factor as part of the Secret Server login process you can solidify your information security practices required by many compliance mandates.

TRY IT FREE FOR 30 DAYS. It’s fast to install and easy to use!
Start your free trial of Secret Server using the trial form.
View Secret Server’s full list of user-friendly features.

Additional Information

You can use many different multi-factor authentication solutions including Thales SafeNet Trusted Access, RSA, Smartphone apps such as Google authenticator on your mobile device, and Duo Security.

Secret Server also supports any multi-factor provider that provides a RADIUS interface. This is an industry-standard implementation and most commercial multi-factor vendors support RADIUS.

Duo Security

Duo Security supports push notifications directly to the user’s phone, as well as hardware tokens such as YubiKey. If the user’s app or token isn’t available, they can also receive a phone call or text message for out-of-band authentication.

Duo Security, a two-factor authentication solution provided by security company Duo, is supported by Secret Server.

Google authenticator or any soft token app that supports TOTP (Microsoft Authenticator, Duo, Amazon MFA) can also be used. Soft tokens are a free and quick way to add additional security to your login process if no commercial multi factor solution is available.

The Google Authenticator app is a two-factor authentication solution that provides a one-time password which users must provide in addition to their username and password to log into Google services or other sites.

Secret Server also supports any multi-factor provider that provides a RADIUS interface. This is an industry-standard implementation and most commercial multi-factor vendors support RADIUS.

Two-factor authentication with RADIUS and Secret Server

Benefits of using multi-factor authentication:

  • You can use your existing authentication infrastructure.
  • You can authenticate users before granting them access to Secret Server.
  • You’ll comply with information security policies.

Useful MFA Links

Configuring Duo Multi-Factor

Configuring Thales SafeNet Trusted Access

Setting up RADIUS

 

Start a Free 30-Day Trial