Re: Social Login/MFA

[Razi Ahmad <razi.ahmad () STERN NYU EDU>]

That's the thing we're trying to figure out - can we allow alumni to use
social logins but force current students to use their assigned credentials?
If we can't, then the next question is whether we can force all users to
MFA with social login enabled.

On Fri, Oct 5, 2018 at 6:28 PM Jeremy Rosenberg <rosey () berkeley edu> wrote:

> And students use social logins to access this portal?
>
> Jeremy
>
> --
> Jeremy Rosenberg
> Chief Information Security Officer
> UC Berkeley
> 510-990-5521
>
> On October 5, 2018 at 3:10:01 PM, Razi Ahmad (razi () stern nyu edu) wrote:
>
> Thanks for your response Jeremy (and apologies for the delayed
> acknowledgement). The conundrum that I'm looking at is that we have a
> portal that's used to engage current employees and students as well as
> alumni. For the current students in particular, there's certain
> functionality we'd like to present to them that requires MFA being turned
> on as a prerequisite (or so I've been told). For alumni, on the other hand,
> what's presented to them is less critical and not likely to require the
> assurance that MFA provides.
>
> Best,
>
> Razi
>
> On Sat, Sep 22, 2018 at 2:15 PM Jeremy Rosenberg <rosey () berkeley edu>
> wrote:
>
> > We have discussed what it would look like and presuming they have MFA on
> > their social account, they would have to MFA twice. We didn’t investigate
> > whether the social login can assert whether a second factor was present
> > during the social login.  But if you need that level of assurance, perhaps
> > social logins isn’t the right solution for the first factor?
> >
> > --
> > Jeremy Rosenberg
> > Chief Information Security Officer
> > UC Berkeley
> > 510-990-5521
> >
> > On September 21, 2018 at 12:28:11 PM, Razi Ahmad (
> > razi.ahmad () stern nyu edu) wrote:
> >
> > Hi all,
> >
> > Is anyone using Social Login for SSO AND enforcing MFA? We have a
> > possible use case at NYU Stern but have not done anything like this in the
> > past and are interested in finding out if any other institution has managed
> > to accomplish something like this.
> >
> > Thanks,
> >
> > Razi Ahmad
> > Associate Director, Enterprise Services
> > Information Technology
> > NYU Stern School of Business
> > 212-998-0172
> > razi () stern nyu edu <razi.ahmad () stern nyu edu>
>
> --
> --
> Razi Ahmad
> Associate Director, Enterprise Services
> Information Technology
> NYU Stern School of Business
> 212-998-0172
> razi () stern nyu edu
>
> --
> --
> Razi Ahmad
> Associate Director, Enterprise Services
> Information Technology
> NYU Stern School of Business
> 212-998-0172
> razi () stern nyu edu <razi.ahmad () stern nyu edu>
> <razi.ahmad () stern nyu edu>