Options
AuthPoint or Azure MFA?
What are the benefits of Authpoint over Azure\Office 365 MFA? Is there a comparison chart or what would be the reasons to choose one over the other?
I'm already using MFA on Office 365 along with SAML login from other sites so I'm not sure what I would gain or lose with Authpoint?
Since I am already using Azure MFA, would I be able to use the WatchGuard AuthPoint Hardware Token with Azure instead of AuthPoint? I'm in the process of selecting a hardware token to test with so I was just wondering if I could use that one or if it only works with AuthPoint.
Here are MS requirements https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
0
Sign In to comment.
Comments
It really depends on which applications and features you are looking for. For example, in order to protect Windows machines with Azure MFA, you will need to buy a license that includes Windows Hello for Business, that can get very expensive.
AuthPoint supports both Windows and Mac logon protection (online and offline), for computers, servers, and RDP, as well as SAML applications, VPNs (including IKEv2 which is the fastest and more secure), etc.
About hardware tokens, AuthPoint Hardware Token can only be used with AuthPoint. They are manufactured by WatchGuard, and the seeds - the most important thing you need to protect - are securely transferred from the production site to WatchGuard Cloud. There is no risk of seeds exposure, you just activate them in your tenant.
So if you use Azure MFA and plan to use OATH hardware tokens, it seems (from the page you mentioned) that you have to provide the seeds in open format. Anyone can copy and paste into an OATH TOTP generator, thus creating a token clone. AuthPoint supports OATH TOTP tokens, but we always suggest to import in PSKC format (RFC 6030), to protect them. Have one person receive the pskc file, another one receive the transport key.