Secure Mobile Access 100 10.2 Administration Guide

Multi-Factor Authentication

Multi-factor authentication (MFA), sometimes referred to as two-factor authentication or 2FA, is an electronic authentication method in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). MFA protects the user from an unknown person trying to access their data such as personal ID details or financial assets.

There are three basic factors to authentication:

  • Something you know: This could be a PIN code, the answers to your security questions, or your password
  • Something you have: This generally refers to a physical object, such as a security token, smart card, or phone.
  • Something you are: This refers to biometric data, and usually comes in the form of your fingerprint or facial scan — such as with Apple’s Touch ID

Utilizing more than one factor is one of the best methods for keeping connectivity into a network safe. Most hackers that breach networks do so by obtaining the username and password of individuals. They can compromise your credentials, and even manipulate their connections to make the authenticating device “think” it is you. However, when a secondary factor is introduced, the hacker would not have access to this information and therefore would be denied access immediately and their session logged.

SonicWall’s SMA 100 series incorporates multiple types of factoring functions, that when combined, can ensure the authenticity of the end user. Turning on these features are considered *critical* in the security of your network and should always be your number one priority when setting up remote connectivity appliances or software.

Because of the critical importance of 2FA, we are providing detailed instructions on the setup of this feature.

One of the most secure (and highly recommended) methods for secondary authentication is using a provider that supports SAML (Security Assertion Markup Language), or a TOTP (Time-Based One-Time Password) provider. SonicWall’s SMA 100 series has support for both types of factoring providers – Please reference the SonicWall Feature guide for detailed walkthrough on how to setup these features with different providers.

Two popular and commonly used solutions for secondary factor-based authentication are the Microsoft Authenticator and Google Authenticator. To enable 2FA using Google or Microsoft Authenticator, please refer to the following knowledge base article:

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.