I work for a Bank and MFA was implemented several months ago. It was very smooth for the most part.
One of the issues we ran into was our DR exercise, the MFA software did not work on the DR recovered system since we usually do some SMS work in the first IPL; we had to keep our "old" password active. Also, we use something called 'out of band'(it is a 'single use'; code) which we use when we FTP from plex to another; there is some other code that is used for the CICS community but not sure what that is called. -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Pew, Curtis G Sent: Tuesday, July 16, 2019 10:24 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Tn3270 + MFA Our security folks want us to implement some form of two-factor authentication for tn3270 access. (Currently, we just require users to be on campus or use our VPN; the VPN uses DUO to provide two-factor authentication. But now they want two-factor for on campus too.) Has anyone implemented anything like this? Any pointers or suggestions? Thanks. -- Pew, Curtis G curtis....@austin.utexas.edu ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
