VERDE Multi-Factor Authentication as of VERDE 8.2.7
Product Line: VERDE
The long awaited feature is available: Mutli-Factor Authentication (MFA).
This article describes the VERDE MFA feature and its installation.
Overview
The Google Authenticator Mobile App is required. The end user must install this app on their iOS or Android mobile device.
Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
iOS: https://apps.apple.com/us/app/google-authenticator/id388497605
MFA is enabled in Desktop Policy settings. This provides the administrator with the flexibility to determine which desktops should be protected by MFA. For example, the VERDE system may have a Gold Image that is used as a Kiosk browser. This type of desktop may not require MFA protection. Other desktops that include access to sensitive apps or data can be selected to be protected by MFA.
Active Directory integration is implicitly supported.
MFA is applicable to both VDI and Remote Access desktops.
The first time a user attempts to access a desktop with MFA protection they must use the Google Authenticator mobile app to scan a QR code. This establishes the MFA configuration for that user in the VERDE system.
This same MFA configuration is used for any other MFA protected desktop – i.e., the QR code scanning step is one-time only.
The VERDE Cluster Master database manages the list of user profiles that have enabled MFA.
The VERDE Management Console includes a UI to allow the administrator to view and remove MFA for specific users. This may be required if a user loses or replaces their mobile device. The administrator must remove the MFA configuration for that user. This will allow the user to authenticate their new mobile device using Google Authenticator.
MFA has been implemented in two VERDE software clients:
• VERDE Software Client
• Korean VERDE Software Client
Both clients share the same MFA configuration. i.e., if MFA is setup using the VERDE Software Client then the Korean VERDE Software Client will be aware of that configuration. There is no requirement to scan the QR code setup separately in both clients.
Setting up MFA for a Desktop
VERDE Software Client Flow
Korean VERDE Software Client Flow
Managing MFA User Configurations
Google Authenticator – iOS Version
Related Articles
Possible issues with Multiple Factor Authentication (MFA)
Product Line: VERDE This article is devoted to things you may encounter with Multi-Factor Authentication (MFA). After entering the 6 digit code, you see the following failure: MFA requires that the smart phone you're using to receive the 6 digit ...DOES RX-SERIES THIN CLIENT SUPPORT MULTI-FACTOR AUTHENTICATION (MFA) TO ACCESS AVD and Windows 365?
Yes. Users should be able to use any Microsoft supported MFA methods (e.g. SMS MFA, authenticator mobile app) to access AVD and Windows 365 on supported NComputing devices.Networked Windows without AD has Unexpected Authentication Issues
Product Line: VERDE ISSUE: VERDE customer is using Windows OS as Guest VDI but is not using Active Directory, which makes Windows configuration difficult when paired with VERDE's dynamic desktop model. Why is this difficult?... - End user ...Active Directory Authentication With Remote Access Session
Product Line: VERDE Here is the way to configure Remote Access using an Active Directory Username as follows: FIRST, you must create a Verde Local User in Management Console with same Username and Password as the Active Directory Account In the ...Installing Multi Server VERDE (RPM) 8.3.4 and Above with Postgres Database
Product Line: VERDE ***As A Reminder: If you're planning to deploy VERDE using a clustered environment, for example: Cluster Master, Cluster Master Candidate, numerous VDI only servers then there are significant changes that need to be considered. A ...