[Info-vax] Two-Factor Authentication
Bill Gunshannon
bill.gunshannon at gmail.com
Tue Oct 22 20:14:17 EDT 2019
On 10/22/19 7:22 PM, Scott Dorsey wrote:
> =?UTF-8?Q?Arne_Vajh=c3=b8j?= <arne at vajhoej.dk> wrote:
>> On 10/22/2019 2:01 PM, VAXman- at SendSpamHere.ORG wrote:
>>> Is anyone here using a two-factor authentication scheme with OpenVMS?
>>
>> VMS login over TCP/IP?
>
> -- Big market for this. Lots of contracts for systems require it these
> days. You can't expect to sell to the government without it.
Defense Information Systems Agency (DISA), the DOD IT watchdog stopped
even looking at VMS systems back in 2009 when I was there and offered
to help update the, already ancient, Security Readiness Review (SRR)
and Security Technical Implementation Guide (STIG) for VMS.
>
>> VMS login console?
>
> -- Would be nice but not all that critical since VMS systems are usually
> in places with good physical security. In the New x86 era, they are
> likely to be virtual systems and the virtual host can be trusted with
> some amount of authentication. So not as big a deal, and harder to do.
2FA is required even on computer systems inside SCIFs. Big doors
do not eliminate the requirement.
bill
More information about the Info-vax
mailing list