[Info-vax] VMS and MFA?
geze...@rlgsc.com
gezelter at rlgsc.com
Wed Aug 19 09:17:38 EDT 2020
On Wednesday, August 19, 2020 at 8:34:00 AM UTC-4, Phillip Helbig (undress to reply) wrote:
> In article <96dcc800-77cc-4ace... at googlegroups.com>,
> "geze... at rlgsc.com" <geze... at rlgsc.com> writes:
>
> > The way to do this is to insert a non-optional step into the login path.
> > This means modifying a system-managed part of the login sequence (e.g.,
> > SYS$MANAGER:SYLOGIN.COM). One must force the initial state of the process
> > to CONTROL-Y and CONTROL-C disabled, to avoid the user bypassing the MFA.
> And don't forget F$MODE() as well as the fact that ssh and so on might
> bypass some of the traditional login stuff.
Phillip,
Definitely check F$MODE, batch and non-interactive access (servers) should not use MFA. . ssh should not bypass anything.
- Bob Gezelter, http://www.rlgsc.com
More information about the Info-vax
mailing list