Educause Security Discussion mailing list archives
Re: Social Login/MFA
From: Razi Ahmad <razi.ahmad () STERN NYU EDU>
Date: Fri, 5 Oct 2018 18:30:47 -0400
That's the thing we're trying to figure out - can we allow alumni to use social logins but force current students to use their assigned credentials? If we can't, then the next question is whether we can force all users to MFA with social login enabled. On Fri, Oct 5, 2018 at 6:28 PM Jeremy Rosenberg <rosey () berkeley edu> wrote:
And students use social logins to access this portal? Jeremy -- Jeremy Rosenberg Chief Information Security Officer UC Berkeley 510-990-5521 On October 5, 2018 at 3:10:01 PM, Razi Ahmad (razi () stern nyu edu) wrote: Thanks for your response Jeremy (and apologies for the delayed acknowledgement). The conundrum that I'm looking at is that we have a portal that's used to engage current employees and students as well as alumni. For the current students in particular, there's certain functionality we'd like to present to them that requires MFA being turned on as a prerequisite (or so I've been told). For alumni, on the other hand, what's presented to them is less critical and not likely to require the assurance that MFA provides. Best, Razi On Sat, Sep 22, 2018 at 2:15 PM Jeremy Rosenberg <rosey () berkeley edu> wrote:We have discussed what it would look like and presuming they have MFA on their social account, they would have to MFA twice. We didn’t investigate whether the social login can assert whether a second factor was present during the social login. But if you need that level of assurance, perhaps social logins isn’t the right solution for the first factor? -- Jeremy Rosenberg Chief Information Security Officer UC Berkeley 510-990-5521 On September 21, 2018 at 12:28:11 PM, Razi Ahmad ( razi.ahmad () stern nyu edu) wrote: Hi all, Is anyone using Social Login for SSO AND enforcing MFA? We have a possible use case at NYU Stern but have not done anything like this in the past and are interested in finding out if any other institution has managed to accomplish something like this. Thanks, Razi Ahmad Associate Director, Enterprise Services Information Technology NYU Stern School of Business 212-998-0172 razi () stern nyu edu <razi.ahmad () stern nyu edu>-- -- Razi Ahmad Associate Director, Enterprise Services Information Technology NYU Stern School of Business 212-998-0172 razi () stern nyu edu -- -- Razi Ahmad Associate Director, Enterprise Services Information Technology NYU Stern School of Business 212-998-0172 razi () stern nyu edu <razi.ahmad () stern nyu edu> <razi.ahmad () stern nyu edu>
Current thread:
- Re: Social Login/MFA Razi Ahmad (Oct 05)
- <Possible follow-ups>
- Re: Social Login/MFA Jeremy Rosenberg (Oct 05)
- Re: Social Login/MFA Razi Ahmad (Oct 05)