Re: 2 factor authentication for Oracle Forms

Let me play the devil's advocate here: why would you want two step authentication for Oracle Forms, if you already have it for VPN. Isn't RSA token, DUO or Okta Verify or whatever else you are using, safe enough? So, the user must know his VPN password, must correctly respond to the second password challenge generated by some form of two step authentication like the ones mentioned above and he also must know his application username and password. It looks to me that you are as certain as it is at all possible that the user who is logging in is who he says he is. Regards

On Fri, 21 Jul 2017 19:46:33 +0000
Matt Adams <MAdams_at_equian.com> wrote:

> I've been asked to some up with possible suggestions for enabling two factor authentication for our custom written Oracle Forms application.
>
> So far, the only solution I've really seen is using Oracle Access Manager to handle authentication, which would allow 2 factor (probably using Duo which we already have in place for 2 factor authentication to the VPN).
>
> What other solutions are you aware of?
>
> Thanks
>
> Matt
> **** This communication may contain privileged and/or confidential information. If you are not the intended recipient, you are hereby notified that disclosing, copying, or distributing of the contents is strictly prohibited. If you have received this message in error, please contact the sender immediately and destroy any copies of this document. ****

-- 
Mladen Gogala
Oracle DBA
Tel: (347) 321-1217
--
http://www.freelists.org/webpage/oracle-l