2FA - two factor authentication | Auto setting Authenticator

Alex_91
Alex_91 Posts: 21  Freshman Member
Sixth Anniversary 10 Comments Friend Collector
in Security

Hello, Good morning,
I'm using a firewall with several local users, two-factor authentication has been activated (especially by email) and it works correctly.

I was wondering, is it possible to allow the end user to independently create the authenticator (google auth) without an admin enter in user management to enable it?

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    We assume that you want to allow users to create their own accounts and set up two-factor authentication by themselves, and then connect to the network. Please correct me if you have a different idea.

    To better support you, could you please share the following information with us:

    • Which firewall and managed mode (Nebula/On-premise) are you using?
    • Which menu do you use to configure local users?
    • In which scenario/ application users can use after they can independently create the authenticator (Google Auth)?

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    Sixth Anniversary 10 Comments Friend Collector

    Yes correct,

    I answer:

    • Firewall: on-prem (in this first case I would need it for a USG FLEX 200).
      • After is possibile on H Series?
    • admin page login of firewall → Configuration → Object → User → Add User
      • Bonus 😊 / second question: (why if I put email address in second textbox I recaive email but no in first?)
    user.jpg
    • Simply allow the various users to connect via VPN but withit 2FA.
      • Would not be a problem to enter in the administration page to create the user with respective email, but then would there be the possibility of creating two-factor authentication regarding the Google Authenticator?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    As of now, end users cannot independently set up Google Authenticator without an admin enabling it through user management.

    (why if I put email address in second textbox I recaive email but no in first?)

    We have confirmed this issue on our end and are currently investigating it. We will share with you once there are any updates.

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    Sixth Anniversary 10 Comments Friend Collector

    Mmm,

    this feature could be added to ideas for future developments.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    Thank you for your feedback.

    You can view and contribute to this idea in the following section: Enabling User-Configured Two-Factor Authentication with Google Authenticator — Zyxel Community

    Thank you for using Zyxel products and services.

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @Alex_91 ,

    Bonus 😊 / second question: (why if I put email address in second textbox I recaive email but no in first?)·

    We will address this issue in the upcoming official firmware release. Please stay updated with the Firewall News & Releases section to know more about the fixes, enhancements, and new features.

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    Sixth Anniversary 10 Comments Friend Collector

    Will 2FA via email ever be implemented on the H Series too?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula
    edited September 3

    Hi @Alex ,

    I'd like to clarify your inquiry. Are you referring to:

    1. The 2FA via email feature for H series devices as general, or
    2. The 2FA via email feature for H series devices, as a feature request for the USG FLEX 200 where end users can independently set up Google Authenticator without an admin enabling it through user management?

    Please specify which option you're asking about, so we can provide you with the most accurate information.

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

  • Alex_91
    Alex_91 Posts: 21  Freshman Member
    Sixth Anniversary 10 Comments Friend Collector
    1. 2FA via email feature for H series devices

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,362  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Second Anniversary Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula

    HI @Alex_91 ,

    Currently, we don't have a plan implement this feature (2FA for e-mail) on the USG Flex H model.

    Untitled Image

    Don't miss this great chance to upgrade your Nebula org. for free!https://bit.ly/4g2pS9L

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)