Is there a way to do two factor authentication with Outlook Web App 2010?
I know there is nothing built into Exchange 2010 OWA to require two factor authentication but we would like to find something that would accomplish this for a more secure OWA login. I know OWA would have to probably sit behind something we
put in place. RSA came up but its expensive and we were looking for another solution. I don't know if ISA or Forefront TMG would provide this function by themselves or woud be need another plugin of some kind to accomplish this. Just wondering what others
are doing. Part of this is also to try and block mobile devices like Android and Blackberry from accessing email using web apps like Touchdown etc which is basically OWA for your phone.
January 11th, 2011 6:09pm
You can use TMG or microsoft UAG. Check this guide.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=894bab3e-c910-4c97-ab22-59e91421e022&displaylang=en
REgards
Ron
Free Windows Admin Tool Kit Click here and download it now
January 12th, 2011 11:34pm
In our 2 factore (token based) implementation we installed an ISAPI filter on an ISA server. It has two challenge pages - one (from ISA) for the username and password, then a second for the token, from an internal IIS website.
Have you thought of using client certificates? The client needs to have the certificate installed to get access...
Another method is to use came up in our testing. We had a self signed (internal) certificate and when accessing OWA, IE and Firefox clients could accept the untrusted cert, but mobile clients (specifically iPhone) could not connect as they needed the certificate
installed first.
February 9th, 2011 6:43am