![]() ![]() Go to the Security basics page and sign in with your Microsoft account. When you sign in on a new device or from a new location, we'll send you a security code to enter on the sign-in page. For more info about the authenticator app, see How to use the Microsoft Authenticator app. Two-step verification begins with an email address (we recommend two different email addresses, the one you normally use, and one as a backup just in case), a phone number, or an authenticator app. When two-step verification is turned off, you will only have to verify your identity with security codes periodically, when there might be a risk to your account security. If you turn on two-step verification, you’ll get a security code to your email, phone, or authenticator app every time you sign in on a device that isn't trusted. What happens when you turn on two-step verification ![]() For that reason, we strongly recommend you have three pieces of security info associated with your account, just in case. Or if you lose your contact method, your password alone won't get you back into your account-and it can take you 30 days to regain access. This means that if you forget your password, you need two contact methods. As soon as you try to RDP with the user you’ve added in the first section (or one of its aliases), you’ll be seeing the following and you’ll also receive a push notification on your mobile.Important: If you turn on two-step verification, you will always need two forms of identification. Now that we’re finally done with the configuration, let’s test it out. Trying to RDP to a protected server/client Now you can also setup Offline access if you want.I am only interested in protecting RDP access, but if you keep the last checkbox empty, you’ll be able to require MFA to also local logons.Screenshots of the installation (use the secrets you gathered at the previous section):.Note, the link will bring you to DUO’s latest application. Download the Duo Authentication for Windows Logon installer package.In this step we’ll install an application that will be configured to use the secrets above and that will protect RDP connections with DUO’s MFA. Install DUO Authentication on the server(s) and client(s) you want to protect Click Protect this Application to get your integration key, secret key, and API hostname.Click Protect an Application and locate Microsoft RDP in the applications list.Log in to the Duo Admin Panel and navigate to Applications.This step will setup a unique set of secretes that are linked to your DUO account. Generate secrets to protect a specific Application (RDP in our case) Let the user follow the steps on his/her smartphone. The user will receive an email similar to the below.You can also add other aliases from the same page:.Once you’ve filled in all of the fields, you can Send an Enrollment Email to the user you’re setting up.Now fill in the email address and “Require” MFA.Let’s start by typing the primary username.You can setup an alias for each Windows user on the same DUO User account. Imagine if you have a small environment, where you have 3 different users accounts, all managed by the same person. This means that with the same user setup, you can control multiple Windows Users. The cool thing is that 1 user can have up to 4 aliases. This is just a sample, so I’m setting this up for Administrator, you can choose the actual user you want to allow RDP for.The user we’re setting up, is the user who will be used to RDP on the server you want to protect. In order to protect RDP with MFA, DUO has a pretty good and simple documentation which can be found here, you can also keep reading this post as I’ll go through the steps.The same app/setup can be used to setup the first user of the application you want to protect. The registration will also let you download and setup the DUO Mobile application on your mobile which will be used for accessing the DUO Admin panel. Here, you can have a look at the pricing section. ![]() This doesn’t apply only to RDP, in fact you can secure many other applications with DUO.īased on DUO’s current pricing (20190523), this is free for the first 10 users. This article will show you how to Enable Multi-Factor Authentication on RDP with DUO, for free. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |