Apple 2FA
-
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
-
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Now, Google/MS do allow you to use their MFA tool for more than just their own services, and it appears that Apple does not, so on an iOS device you're forced to install a separate MFA tool, like Authy or GA, or MA.
No account from Google is required to use GA by the way, I don't think so for MA either.
-
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
You are not understanding how 2FA works.
-
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Now, Google/MS do allow you to use their MFA tool for more than just their own services, and it appears that Apple does not, so on an iOS device you're forced to install a separate MFA tool, like Authy or GA, or MA.
No account from Google is required to use GA by the way, I don't think so for MA either.
Hmmm... Good to know. Maybe the last few setups I did (a while ago), I probably just went to fast, along with the users already having Google accounts and setting them up also.
-
@JaredBusch said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
You are not understanding how 2FA works.
That is quite possible.
-
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
-
@Dashrender said in Apple 2FA:
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
Would you just stop. This has nothing to do with actual 2FA as he is attempting to implement. Do not conflate things.
-
@Dashrender said in Apple 2FA:
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
Agreed. For users who only want to live within Apple's own universe, it definitely is not necessary.
-
Now, Google/MS do allow you to use their MFA tool for more than just their own services, and it appears that Apple does not, so on an iOS device you're forced to install a separate MFA tool, like Authy or GA, or MA.
No account from Google is required to use GA by the way, I don't think so for MA either.
Hmmm... Good to know. Maybe the last few setups I did (a while ago), I probably just went to fast, along with the users already having Google accounts and setting them up also.
Yeah, it's likely they already had a Google account so there was an assumption, but I can assure you, no account it required to install and use the app for any website/app that allows you to use generic MFA solutions.
-
@JaredBusch said in Apple 2FA:
@Dashrender said in Apple 2FA:
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
Would you just stop. This has nothing to do with actual 2FA as he is attempting to implement. Do not conflate things.
So, then are you saying that the 2FA that is internal to Apple OS, is totally different concept than the 2FA the Google/MS app provides?
I do understand the the implementation may be different but is the concept different?
If so, then I definitely am missing something. -
Authy has long been a better solution to use. but recent news means GA is just bad.
https://lifehacker.com/switch-from-google-authenticator-to-a-more-secure-2fa-a-1842212483 -
@JaredBusch said in Apple 2FA:
@Dashrender said in Apple 2FA:
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
Would you just stop. This has nothing to do with actual 2FA as he is attempting to implement. Do not conflate things.
So, then are you saying that the 2FA that is internal to Apple OS, is totally different concept than the 2FA the Google/MS app provides?
I do understand the the implementation may be different but is the concept different?
If so, then I definitely am missing something.Yes, you are missing something. It is not OTP 2FA as you are discussing.
-
@JaredBusch said in Apple 2FA:
@JaredBusch said in Apple 2FA:
@Dashrender said in Apple 2FA:
@Dashrender said in Apple 2FA:
@JaredBusch said in Apple 2FA:
Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.
I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.
So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?
Umm, what would apple's built in 2fa have to do with your third party websit 2fa?
The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.
Other than that, nothing.
Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.
Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...
Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.
Would you just stop. This has nothing to do with actual 2FA as he is attempting to implement. Do not conflate things.
So, then are you saying that the 2FA that is internal to Apple OS, is totally different concept than the 2FA the Google/MS app provides?
I do understand the the implementation may be different but is the concept different?
If so, then I definitely am missing something.Yes, you are missing something. It is not OTP 2FA as you are discussing.
Ok Thanks, that make much more sense. Will worry more about Apple if I ever get one.
-
@JaredBusch said in Apple 2FA:
Authy has long been a better solution to use. but recent news means GA is just bad.
https://lifehacker.com/switch-from-google-authenticator-to-a-more-secure-2fa-a-1842212483Good to know. Authy it is.
-
FreeOTP Authenticator from Redhat is another option.
-
Authy is my first choice.
- The encrypted backups for your accounts.
- Allow approval from notifications. But it's disabled if you enable Authy protection PIN.
- For security of the app, you can enable App protection, touch id protection, and protect the entire app.
- Another nice addition is there Authy Desktop app (macOS, Windows and Linux via Snap) and Authy app for Chrome.
-
@JaredBusch said in Apple 2FA:
Authy has long been a better solution to use. but recent news means GA is just bad.
https://lifehacker.com/switch-from-google-authenticator-to-a-more-secure-2fa-a-1842212483if you have malware on your device, I'm not sure this is really what I'm worried about. Sure it's not great, but it could definitely be worse.
-
@black3dynamite said in Apple 2FA:
- Allow approval from notifications.
Which services support this with Authy?
-
@Dashrender said in Apple 2FA:
@black3dynamite said in Apple 2FA:
- Allow approval from notifications.
Which services support this with Authy?
I haven't bother looking into it because I use the app that is provided for that service.
-
@Dashrender said in Apple 2FA:
@black3dynamite said in Apple 2FA:
- Allow approval from notifications.
Which services support this with Authy?
FFS we had this conversation within the last 14 days
everything does. because these are all built to standards.