kwessel at illinois.edu
Tue Jul 23 15:44:20 EDT 2019
We've been focusing more on stronger authentication and less on trends and risk. We do have some Splunk alerts and scripts that will alert or even automatically scramble if someone is logged in twice simultaneously from different sides of the globe, but that's not exactly what you're talking about here.
I've seen some MFA vendors roll this feature into their products. Toopher, for one, could choose when it was and wasn't necessary to prompt for MFA based on a user's usual habits.
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Tuesday, July 23, 2019 2:38 PM
To: Shib Users <users at shibboleth.net>
Subject: Re: risk-based authentication?
On 7/23/19, 1:27 PM, "users on behalf of Liam Hoekenga" <users-bounces at shibboleth.net on behalf of liamr at umich.edu> wrote:
> Anyone implement any risk-based mechanism with the Shib IDP? Whether
> that be "you've been logging in from Chicago all day, but now you're
> in Beijing?" or "I've never seen you on Android before", I'm curious what other people might be doing...
Some discussion of it off and on at OSU but nothing concrete. It requires so much decision making about what information to use and what to do with it that I don't foresee it going anywhere for us, and lacking concrete requirements makes doing something more generic much harder for me.
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users