Skip to Content.
Sympa Menu

workday - Re: [InC-Workday] Question about 2FA and Workday

Subject: Discussion of use cases and implementation experience integrating with Workday

List archive

Re: [InC-Workday] Question about 2FA and Workday


Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: "" <>, "" <>
  • Subject: Re: [InC-Workday] Question about 2FA and Workday
  • Date: Mon, 30 Nov 2015 17:51:37 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is 164.107.81.212) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:23
On 11/25/15, 8:11 PM,
"
on behalf of Gary Chapman"
<
on behalf of
>
wrote:


>
>Comments and suggestions would be much appreciated.

My only comment is whether we want to go down the road of labeling this "MFA"
vs. a more generic category of "strong(er) authentication". In particular,
whether things like certificates or Kerberos/SPNEGO should be captured by the
same general heading as any other non-phishable approach. It seems like
non-phishability is the real goal here (which itself precludes a number of
second-factor approaches in my opinion, but I'm not trying to open that can
of worms).

Admittedly, getting anything out of Workday is better than what they're
proposing, so my comment isn't that important in the scheme of things.

-- Scott (Cantor)


Archive powered by MHonArc 2.6.16.

Top of Page