问题
I am trying to achieve MFA in WSO2. I made changes as per the below link but nothing worked, https://docs.wso2.com/display/IS510/Multi-factor+Authentication+using+FIDO
I am a bit confused, do we need a physical U2F device to achieve this MFA? Are there any other multi factor authentication methods/tutorials available for WSO2?
回答1:
Yes, as @maduranga has explained you need a physical U2F device for MFA with Fido. Fido is the only out-of-the-box MFA authenticator that ships with WSO2 Identity Server 5.1.0.
However, you can find a growing number of MFA authenticators at WSO2 Store: https://store.wso2.com/store/assets/isconnector
WSO2 IS has a highly extensible multi-step based authentication framework. So you can easily write your own MFA authenticator without much hassle and plug it to that framework.
回答2:
Yes you need to have a physical U2F device to achieve multi-factor authentication using FIDO. But there are other ways to achieve multi-factor authentication using IS. This documentation provides the instructions to enable multi-factor authentication.
In the Local & Outbound Authentication Configuration of the service provider, go to the Advanced Configuration add the number of steps you want. Each factor you want to add in the authentication process is a step in the configuration.
回答3:
You can add multiple identity providers to a single service provider to support multi factor authentication. An example of this is explained here. link might help you to try out a sample. Please have a look.
来源:https://stackoverflow.com/questions/36442583/multi-factor-authentication-wso2