- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I have two questions regarding two-factor authentication.
The first question is about the application used to manage two-factor authentication codes: Microsoft’s “Authenticator” app is not supported, but the “Okta Verify” app is supported. Is there a list of applications that are compatible with Intel EMA for managing two-factor authentication codes?
The second question is whether it is possible, with administrative rights, to set up two-factor authentication for another user’s account from the beginning?
That’s all. I look forward to your reply.
Best regards,
Hideo.
- Tags:
- two-factor
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
Greetings!
Thank you for the clarification. To summarize your points:
Compatible Authenticator Apps with Intel EMA
Intel EMA supports any authenticator app that uses the following encryption algorithms:
- SHA1
- SHA256
- SHA512
It is necessary to configure Intel EMA according to the encryption type in the Settings tab. For more detailed instructions on setting up Two-Factor Authentication (2FA), please refer to Section 2.2 of the documentation:
[Intel EMA Documents]( https://downloadadmirror.intel.com/646990/Intel_EMA_Documents1.13.0.zip
).
Setting Up 2FA for Other Users
Yes, a tenant administrator has the capability to set up 2FA for additional users.
Best Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Vijay N.
Thank you for your response.
Is it possible to force users to implement the 2FA authentication setting when logging in for the first time on IntelEMA?
Or is there a similar setting?
Also, I was not able to set up 2FA with the "Microsoft Authenticator" authentication application." Does "Microsoft Authenticator" support 2FA settings for IntelEMA?
■Microsoft Authenticator
https://play.google.com/store/apps/details?id=com.azure.authenticator
Best Regards,
Hideo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can confirm MS Authenticator app for Android works with Intel EMA 1.13.
I use it for one of our demo EMA instances.
You may need to try to enroll it again ( didn't work for first time for me).
You need to see your EMA identity FQDN in Authenticator to enroll it.
Rgds
Darek
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
Thank you for providing the details. We are currently reviewing the information and we will reach out to you as soon as possible. We request your patience during this time.
Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Vijay N.
Thank you for your response.
>>I can confirm MS Authenticator app for Android works with Intel EMA 1.13.
Thank you for confirming the above.
By the way, is Microsoft Authenticator for iphone supported?
Microsoft Authenticator(iphone)
https://apps.apple.com/jp/app/microsoft-authenticator/id983156458
We are waiting for your answer to the following question as well.
>Is it possible to force users to implement the 2FA authentication setting when logging in for the first time on IntelEMA?
>Or is there a similar setting?
Best Regards,
Hideo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
Greetings!
Please find the below link for Authenticator app not working with sha-256 and sha-512 hash algorithm:
Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
Greetings!
I am providing you with an update based on our lab results.
Microsoft Authenticator worked with SHA1 encryption only. However, it remained enrolled even after changing the EMA security to SHA256 and SHA512.
Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Vijay N.
Thank you for your response.
We look forward to your answers to the following questions. What is the current situation?
>Is it possible to force users to implement the 2FA authentication setting when logging in for the first time on IntelEMA?
>Or is there a similar setting?
I am waiting for your reply.
Best Regards,
Hideo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
Greetings!
I wanted to inform you that, currently, only Windows authentication is supported. Unfortunately, Azure Entra with local authentication is not possible at this time.
Best regards,
Vijay N
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Vijay N.
Thanks for the reply.
This is not the answer I want, so I will change the question.
Here is my question.
From the management console, when a user logs in for the first time, as shown in the attached image,
After clicking "Log In" on the login screen in ①,
Is it possible to force a transition to the "Enroll in Two-Factor Authentication" screen in ② and force the user to register Two-Factor Authentication?
The purpose of my question is "I want to force the MFA setting at the first login.
We look forward to your reply.
Best Regards,
Hideo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
To enforce 2FA from the beginning, you need to configure and enable two-factor authentication within your Windows AD or Azure AD environment. This typically involves setting up policies or configurations that mandate 2FA for user authentication.
Please note, if you are using EMA local user authentication, it is not possible to force the 2FA.
Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Hideo,
I am following up on the case and wondering if I can help you with anything else.
Regards,
Vijay N.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Hideo,
Greetings!
I'm reaching out to follow up on your case. Please let me know if there's anything else you need assistance with.
Regards,
Vijay N.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page