Using Two-Factor Authentication (2FA)

Rationale

Two-factor authentication (2FA) combines two different factors to verify a user's identity. In addition to a password or PIN, this can include a smart card, hardware token, or smartphone app. This improves protection against impostors, as they must possess both the physical device (or smartphone) and knowledge of the password or PIN.

Single Sign On Providers

• If you are using one of the Identity Providers supported by IGEL OS 12 (Entra ID, Ping Identity, Okta, VMware Workspace ONE Access) for device login, you can enable the 2FA options offered by those providers — typically using a smartphone app.
  --> Refer to the documentation provided by your SSO provider.

• These Identity Providers can also be used to:

  • Unlock the Screenlock

  • Authenticate remote sessions

--> For details, see: How to Configure Single Sign-On (SSO) on IGEL OS 12

Use Smart Card and Smart Key Authentication

• IGEL OS 12 also supports smart card and smart key authentication.

• See the following articles for setup details:

  • Smartcard Services in IGEL OS 12

  • How to Use Smart Card and Smart Key Authentication