Forum / Remote Desktop Manager Android - Support

2 factor for Android using sql db

  • Create an Issue
  • Cancel

I'm using rdm enterprise with a sql db server. Absolutely love the granularity and control. I have chosen yubikey neo as our 2 factor of choice. It has been made mandatory for connections to the database, along with access to the pc applications. I'd like to know when it will be added to the Android platform, as the neo is capable of nfc and it works wonderfully. Fwiw, the application can query the key for the content in the first slot, not locked into only the second slot config.

Currently, database is able to be attached, but can't load due to the 2 factor mandate.

Clock4 yrs

Hi Eric,

We are investigating what would be involved in adding this feature. Could you confirm if I understand you correctly, you would like Two-Factor authentication for a Microsoft SQL Server, as a Data Source setting, using Yubikey authentication with NFC, is that correct?

Thank you

Best Regards,

Benoît Racine

signaturesignature

Clock4 yrs

Benoit,

Thank you for the quick reply. As you described, that is exactly what I'm looking for. I currently use Keepass, and will not be able to move forward on my enterprise license of Password Vault until I can get mobile 2-factor under wraps. Keepass is able to use 2-factor, including yubikey, on desktop and mobile applications. To further understand how Yubikey is used in PVM and RDM, can you elaborate on what information is pulled from the slot? I'm assuming you are pulling the cert off of the first slot. That is a query on the keypress, and should be easy enough to implement on a mobile version as NFC should be able to parse and query the same info, regardless of which slot is configured for NFC through the yubikey personalization tool. Of course, these are merely assumptions. Fact of the matter is, I'm responsible for roll-out of a new Remote Desktop Management solution for a fortune 500 company (Siemens Industry), and I would like to be able to complete this portion of the task with Devolution software. I am also responsible for the roll-out of a password management solution as well, and PVM is a contender at this time.

Clock4 yrs

Hi Eric,
Thank you for confirming the information. Data Source level Two-Factor authentication and Yubikey authentication with NFC are definitely features we would like to add to the Android client. However this would take some time to implement and Yubikey NFC in particular will require more investigation on our end before we can commit to implementing it. We cannot give an estimate of when the features would be added but we will keep you informed of new developments.

Best Regards,

Benoît Racine

signaturesignature

Clock4 yrs

Hello,

Any progress on this feature for simple Google Authenticator? The datasource is set to require 2 factor so on Android there's no way I can use the app.

Clock4 yrs

Hi,

Google Authenticator 2 Factor for data sources is on our to-do list. It should be implemented within a few releases.

Best Regards,

Benoît Racine

signaturesignature

Clock4 yrs

Hi,

Any idea what that actually means? A few releases could be days, weeks, months or even years away.

Thanks

Clock4 yrs

Hi,

Sorry for being unclear, I'll try to be more specific. We are planning to have the feature ready for a release sometime in November. If we encounter issues it might be pushed back to December or January, but so far we are confident about a November release.

Best Regards,

Benoît Racine

signaturesignature

Clock4 yrs

Benoit, I'm hoping that my original request which started this thread is still under consideration and development? Any word on when this functionality will be made available to the mobile market?

Clock4 yrs

Hi Eric,

Once Google Authenticator 2 factor is implemented for SQL data sources, you should be able to set it up not only with Google Authenticator but also with the Yubico Authenticator Android app. This should allow you to connect to your data source with the Android client using Yubikey NFC.

In this setup your RDM PC clients would use Yubikey 2 factor like they currently do, while your Android clients would use the Google Authenticator option setup with the Yubico Authenticator app. Would this work for you?

Best Regards,

Benoît Racine

signaturesignature

Clock4 yrs

Hi,

We've just released an update for the Android app which includes support for SQL Server Google Authenticator Two Factor.

This can also be used to protect the data source with Yubikey NFC, by pairing the data source with the Yubico Authenticator app instead of the Google Authenticator app.

Best Regards,

Benoît Racine

signaturesignature

Clock3 yrs

First off, thank you for the update on the release. The reason this is important to me is because I set the mobile app aside and have not been paying attention to the updates it has received automatically from Google Play. I opened the app yesterday, added a SQL data source, configured the server and database, and low and behold, there was an option for 2 factor google auth. As you advised, I downloaded the Yubico Authenticator App from Google Play, copied the secret key from the PVM app into the Yubico Auth app, added the credential via NFC to my YubiKey, and I now have TOTP from my Yubikey at anytime. Back in the PVM app, I verified the TOTP code provided by the Yubico Auth app, and away I went. One thing I did notice, the app required a complete restart before it would see my entries under the new remote data source. One other feature I'd like to see added to the app is the ability to "read/write" in offline mode, just as in the PC application, instead of the "read only" mode that is currently the only other option.
Thank you to the development team for putting this all together and being so responsive to your customers (me). I look forward to many more years of your products, and I believe I'll get the ok to purchase an enterprise license for PVM to perfectly complement our current enterprise license of RDM. Merry Christmas!

Clock3 yrs

Hi Eric,

Thank you for your feedback and you kind words.

The ability to write in offline mode has already been added to our long list of todos.
However, we cannot give you a time frame for its development.

Merry Christmas to you to!

Best Regards,

Nicolas Dufour

signaturesignature

Clock3 yrs