Citrix Workspace Authentication: Okta


None of us likes starting over. So if we don’t have to, why would we? Unfortunately, with technology, many of us are forced to to follow a single path. That single path often requires us to start over. But this is one of the interesting things about Citrix Workspace and the user’s primary identity… Don’t start over – Simply integrate. With an overall understanding on primary/secondary identities within Citrix Workspace, we can better understand how Citrix Workspace integrates with Okta as an identity provider for a user’s primary identity.  If our organization has standardized on Okta for identity, why would … Continue reading Citrix Workspace Authentication: Okta

Citrix Workspace Authentication: Overview


One of the major issues with the current state of the end user computing environment is the number of identities a user is required to remember.  Almost every service or application a user subscribes to requires the user create a new identity and password. With so many identities, almost all of us use the same identity/password combination to simplify our life. But relying on passwords is not the best approach. Certain applications and services will allow us to integrate some type of multi-factor authentication, but we now end up with multiple identities, multiple authentication approaches with each service using a … Continue reading Citrix Workspace Authentication: Overview

Authentication: TOTP


Let’s make one thing perfectly clear… TOTP ≠ OTP OTP = One-Time Password TOTP = Time-based One-Time Password As discussed in the Two-Step Verification post, OTP sends the one-time password to the user’s mobile phone via SMS or to the user’s email address. TOTP, on the other hand, uses a local app on the mobile device to generate a pass-code. If we look at the factors for an app using a password and TOTP code, we see that it is something you know and something you have. When a user registers a mobile device, they receive a key (either as … Continue reading Authentication: TOTP

Authentication: Two-Step Verification


So far, I’ve realized the following I have way too many identities Password complexity rules are implemented incorrectly Multi-factor authentication will provide additional authentication security So let’s look at one of the most basic forms of MFA. Unfortunately, I’ve seen this take on many names: Two-Step Verification Two-Step Authentication One-Time Password After providing your username and password for certain Web/SaaS-based apps, you are given a screen like the following: Once you enter this verification code, you are successfully authentication.  From the user perspective, this is a pretty easy way to implement MFA.  However, this is NOT multi-factor authentication. With 2-step verification, … Continue reading Authentication: Two-Step Verification

Authentication: Passwords


<Sarcasm> Passwords.  I love them. I love them so much, I have over 150 of them. </Sarcasm> We have our identity and we provide it to a system.  In order to prove we are who we say we are, we need to authenticate. Passwords are one method for authentication.  In theory, passwords are easy, but in practice, if we want to have some level of security, passwords are not easy. Passwords are supposed to be complex. Passwords are supposed to be unique across services Passwords are supposed to be something you can remember All I have to say is “Good Luck!” … Continue reading Authentication: Passwords

Authentication: Your Identity


Most of us ignore authentication because it is seamless with us using our Active Directory username to log onto a domain-joined Windows 10 PC. But when we expand beyond Windows, there are so many other things to consider. I avoided learning about authentication for a long time.  So many technologies. So many acronyms.  So many options.  I felt like I needed to start learning more about authentication. Most of us see authentication as a big, scary, ugly thing that we want to avoid the details, but those details can help in understanding how all of these different authentication options fit … Continue reading Authentication: Your Identity