Phone Factor – Two Factor Authentication

If you want to be really secure now days you need more than just a password. you need another type of authentication. Blood is the best thing to use to authenticate yourself, DNA is like 1,000,000,000x unique. Wouldn’t it be great when your getting money out of the ATM a needle would come out to prick you and take your DNA, not really. Phone factor is a program that calls you on your phone (or text) makes you press # on your phone after you put in your password. So even if the hacktivists steal your username and password and post it on pastebin someone would still need your phone to get in to your playstation account or whatever.

Here I will show you how to setup Phone Factor to call you after you sign in to your VPN. So basically you just install Phone Factor on a box in between the VPN device, In my case a SonicWALL SSL-VPN 200 and the server that authenticates you, in my case a windows 2003 box running IAS.

Here on the VPN device just put in the IP address on the box you installed Phone Factor on. You will have to change the timeout to something higher to give Phone Factor enough time to call you and for you to answer back.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

On Phone factor you put in the IP address on the VPN, the shared secret, and the port the VPN uses (1812 for RADIUS).

Then put in the RADIUS servers IP, shared secret, and what port it uses.

on the users tab you will enter in the usernames and phone numbers. The free version of phone factor allows 10 users i think.

In the radius server just put in the system’s IP that has phone factor installed on it as the new client and you should be good to go assuming you have the radius box configured correctly.

After that you can log in, put in your username/password. you will get a call on your phone telling you to press #, then that’s it your in!

Please do not email me if you having troubles, this is pretty straight forward and the only problem i ran into was the timeout part on the vpn appliance.