Microsoft Authenticator as option for 2FA in RDM

To add to this - Authy, and/or multiple yubikey key support. As it stands now, RMD does not allow for backup keys. I use two yubikeys, in case I lose one I can still access things with the other.

What do you mean it's not supported? You want RDM to prompt the 2FA when you connect to MariaDB?

Regards

Hi David,

Yes, that is what I have in mind. Is that not possible? I had the impression it is with other 2FA providers like google for example. Apologies if I'm mistaken about that.

Is there any 2FA way to protect access to a data source?

I don't think it's supported by MariaDB and we can do it without a server (to authenticate the user).

Regards

Hi David,

Do you mean the 2FA option to authenticate an user in RDM is provided by RDM itself, right? I believe I didn't put my question clear enough here. My idea is to not let users login to RDM without 2FA, and I was hoping I could do that using Microsoft authenticator as I can simply disable their account in Office 365 and that would avoid them logging into many systems, including RDM.

Is this feasible?

It's possible but only if you use Devolutions Password Server (DPS). RDM can't handle the login to Office 365 directly. Some people think that we try to upsell our server but it's really an architecture problem. We need to delegate the login to Microsoft and use the authentication token. The other problem is that we don't support MariaDB in DPS.

Anyway, I will try to keep in mind the problem and think about it. I will let you know if I find a solution.