General discussion


Advice: Terminal Server and fonefactor

By andre.j.hawkins ·
I keep coming across fonefactor when googling for two-factor and Terminal Server, but never heard of them. Does anyone have experience/recommendations? Has to be PCI compliant.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Well, phonefactor actually

by kumar.jeff In reply to Advice: Terminal Server ...

Yes, we've experimented with the free version of phonefactor, but haven't deployed the paid version. Was easy to deploy and use, but haven't implemented the scalable version yet. Check out

Collapse -

What makes Phonefactor Useful

by andre.j.hawkins In reply to Well, phonefactor actuall ...

what are the aspects of the Phonefactor solution that seem most useful to you?

Collapse -

Pretty broad question...

by brian.samuela In reply to What makes Phonefactor Us ...

Well, it's a pretty broad question. Financially? Technical Managability? User convenience? Technically it's pretty easy. You load the free software on your terminal server and follow the directions. Takes about a half hour to install.

Collapse -

User convenience

by brian.samuela In reply to Pretty broad question...

User convenience, while I'm at it. 2nd factor authentication occurs through mobile or landline phone. User enters username and password through PC. Outbound call to user's phone number. User enter's "#". User can decide and manage which phone it goes to (i.e., what if out of range or out of battery)?

Collapse -

Thanks, tried it.

by andre.j.hawkins In reply to Pretty broad question...

Thanks, we took phonefactor for a little spin and it works pretty well in trial environment. Working on getting the management team to agree to deploy more broadly.

Collapse -

Phone Factor Out of Band

by brian.samuela In reply to Thanks, tried it.

So here is another significant benefit. The Out of Band nature of the second factor. Almost everyone is attached to more than one network at a time these days. If you use more than one of them to establish identity, it creates all sorts of opportunities for enhanced security as well.

Collapse -

Found the management argument

by andre.j.hawkins In reply to Phone Factor Out of Band

Well, here is the argument: Free for a stripped down version, which is not so stripped down that it can't be implemented and used in perpetuity. Our terminal server has less than 50 users, some sort of arbitrary limit for whether you have to pay or not. Could actually implement for production.

Collapse -

OWA Authentication

by kumar.jeff In reply to Found the management argu ...

We've gone ahead and deployed PhoneFactor for OWA 2-factor Authentication as well. We think we've had some trade secret leakage through email over the past couple months. We'll have to see whether this stanches the flow.

Collapse -

They bought it

by andre.j.hawkins In reply to Phone Factor Out of Band

Have gotten the management team to go ahead with an implementation supporting both OWA and TS 2-Factor authentication. The users like it and the management likes it. Using a paid version, but strangely enough, management seems to value that which it pays for.

Collapse -

Agent for OWA as well

by andre.j.hawkins In reply to Pretty broad question...

There is a PhoneFactor agent for OWA as well. Check out Other good thing is that the free version allows for an unlimited number of users.

Related Discussions

Related Forums