Authentication: Push


One of my goals before the end of the year is to protect my online accounts with multi-factor authentication. I’ve been protecting many of my identities with TOTP. TOTP is a great way to add multi-factor authentication to our identity.  It adds the “something I have” to the “something I know”. However, I’m now running into a major user experience issue with TOTP. I’ve got too many tokens!!! When I try and authenticate to one of these providers, I have to load the authenticator app and find the right code before typing it in.  This is easy when I only … Continue reading Authentication: Push

Citrix Workspace Authentication: Overview


One of the major issues with the current state of the end user computing environment is the number of identities a user is required to remember.  Almost every service or application a user subscribes to requires the user create a new identity and password. With so many identities, almost all of us use the same identity/password combination to simplify our life. But relying on passwords is not the best approach. Certain applications and services will allow us to integrate some type of multi-factor authentication, but we now end up with multiple identities, multiple authentication approaches with each service using a … Continue reading Citrix Workspace Authentication: Overview

Citrix Workspace Authentication: Citrix Gateway


One of the challenges with using cloud services is getting the same experience you had in an on-premises deployment. For the past 20+ years, many Citrix Virtual Apps and Desktop deployments utilized a Citrix Gateway to provide an ICA proxy through the firewall. For external users, Gateway also authenticated those users. Over the years, admins determined the authentication schema for their organization, most likely incorporating additional factors beyond passwords, like TOTP, certificates, RADIUS, nFactor, etc. Fast forward to 2019 and we now need to figure out how to use Citrix Workspace without impacting our secure authentication profile. Currently in tech … Continue reading Citrix Workspace Authentication: Citrix Gateway

Authentication: Two-Step Verification


So far, I’ve realized the following I have way too many identities Password complexity rules are implemented incorrectly Multi-factor authentication will provide additional authentication security So let’s look at one of the most basic forms of MFA. Unfortunately, I’ve seen this take on many names: Two-Step Verification Two-Step Authentication One-Time Password After providing your username and password for certain Web/SaaS-based apps, you are given a screen like the following: Once you enter this verification code, you are successfully authentication.  From the user perspective, this is a pretty easy way to implement MFA.  However, this is NOT multi-factor authentication. With 2-step verification, … Continue reading Authentication: Two-Step Verification

Authentication: Passwords


<Sarcasm> Passwords.  I love them. I love them so much, I have over 150 of them. </Sarcasm> We have our identity and we provide it to a system.  In order to prove we are who we say we are, we need to authenticate. Passwords are one method for authentication.  In theory, passwords are easy, but in practice, if we want to have some level of security, passwords are not easy. Passwords are supposed to be complex. Passwords are supposed to be unique across services Passwords are supposed to be something you can remember All I have to say is “Good Luck!” … Continue reading Authentication: Passwords

Authentication: Your Identity


Most of us ignore authentication because it is seamless with us using our Active Directory username to log onto a domain-joined Windows 10 PC. But when we expand beyond Windows, there are so many other things to consider. I avoided learning about authentication for a long time.  So many technologies. So many acronyms.  So many options.  I felt like I needed to start learning more about authentication. Most of us see authentication as a big, scary, ugly thing that we want to avoid the details, but those details can help in understanding how all of these different authentication options fit … Continue reading Authentication: Your Identity