2FA - two factor authentication | Auto setting Authenticator

Alex_91
Alex_91 Posts: 21  Freshman Member
First Comment Friend Collector Sixth Anniversary

Hello, Good morning,
I'm using a firewall with several local users, two-factor authentication has been activated (especially by email) and it works correctly.

I was wondering, is it possible to allow the end user to independently create the authenticator (google auth) without an admin enter in user management to enable it?

Accepted Solution

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula
    Answer ✓

    Hi @Alex_91 ,

    Bonus 😊 / second question: (why if I put email address in second textbox I recaive email but no in first?)·

    We will address this issue in the upcoming official firmware release. Please stay updated with the Firewall News & Releases section to know more about the fixes, enhancements, and new features.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    We assume that you want to allow users to create their own accounts and set up two-factor authentication by themselves, and then connect to the network. Please correct me if you have a different idea.

    To better support you, could you please share the following information with us:

    • Which firewall and managed mode (Nebula/On-premise) are you using?
    • Which menu do you use to configure local users?
    • In which scenario/ application users can use after they can independently create the authenticator (Google Auth)?

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Yes correct,

    I answer:

    • Firewall: on-prem (in this first case I would need it for a USG FLEX 200).
      • After is possibile on H Series?
    • admin page login of firewall → Configuration → Object → User → Add User
      • Bonus 😊 / second question: (why if I put email address in second textbox I recaive email but no in first?)
    • Simply allow the various users to connect via VPN but withit 2FA.
      • Would not be a problem to enter in the administration page to create the user with respective email, but then would there be the possibility of creating two-factor authentication regarding the Google Authenticator?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    As of now, end users cannot independently set up Google Authenticator without an admin enabling it through user management.

    (why if I put email address in second textbox I recaive email but no in first?)

    We have confirmed this issue on our end and are currently investigating it. We will share with you once there are any updates.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Mmm,

    this feature could be added to ideas for future developments.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    Thank you for your feedback.

    You can view and contribute to this idea in the following section: Enabling User-Configured Two-Factor Authentication with Google Authenticator — Zyxel Community

    Thank you for using Zyxel products and services.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula
    Answer ✓

    Hi @Alex_91 ,

    Bonus 😊 / second question: (why if I put email address in second textbox I recaive email but no in first?)·

    We will address this issue in the upcoming official firmware release. Please stay updated with the Firewall News & Releases section to know more about the fixes, enhancements, and new features.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    First Comment Friend Collector Sixth Anniversary

    Will 2FA via email ever be implemented on the H Series too?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula
    edited September 3

    Hi @Alex ,

    I'd like to clarify your inquiry. Are you referring to:

    1. The 2FA via email feature for H series devices as general, or
    2. The 2FA via email feature for H series devices, as a feature request for the USG FLEX 200 where end users can independently set up Google Authenticator without an admin enabling it through user management?

    Please specify which option you're asking about, so we can provide you with the most accurate information.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    First Comment Friend Collector Sixth Anniversary
    1. 2FA via email feature for H series devices

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,494  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    HI @Alex_91 ,

    Currently, we don't have a plan implement this feature (2FA for e-mail) on the USG Flex H model.

    Engage in the Community, become an MVP, and win exclusive prizes!

    https://bit.ly/Community_MVP

Security Highlight