Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 730 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Generate OTP token with next sign-in

Jae Lupo

Hi,

I recently upgraded to SFOS 17 to 19.0.1 MR-1 and I used to have access to the user's QR codes as admin.  This was handy with remote users when they got new phones or lost their phone I could easily add the OTP token back to their new phone. I understand this is a security risk and admins no longer have access to this.  My question is: If I turn on Generate OTP token with next sign-in will that clear all the current tokens for everyone and they will have to login to the portal and get new codes?  Additionally, when it says next sign on I assume that is a sign on to the Portal not sign on to the SSL VPN client?  It is not very clear what this option does to existing users.  Thanks.

Jae 



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    you are right, the "Generate OTP token with next sign-in" works with user-portal only. (As far as I know)

    Only users without tokens are "affected".


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Thank you for the info.  So you are not 100% sure if I flip that switch everyone will be locked out of VPN access until they get a new QR?  I only ask as I have about 50 remote users and it would be a nightmare to set them all back up again.  Thanks.

  • 0 in reply to Jae Lupo

    Do it for User Portal/Webadmin first, without SSLVPN. Then check every user is doing the process to activate there QR Code and activate once you are sure, most did there job. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    The problem is most of my users are remote and they don't have access to the portal from outside the VPN.  Even if gave them access most would not figure how to get the QR code and update their phones.  I really just want to know if I turn on "Generate OTP token at next sign-in" will it clear their current token or everyone keeps the same token but will change only if they login to the portal?

Reply
  • 0 in reply to LuCar Toni

    The problem is most of my users are remote and they don't have access to the portal from outside the VPN.  Even if gave them access most would not figure how to get the QR code and update their phones.  I really just want to know if I turn on "Generate OTP token at next sign-in" will it clear their current token or everyone keeps the same token but will change only if they login to the portal?

Children
No Data
Unfiltered HTML