neos-sdi / adfsmfa

Licence: MIT license
MFA for ADFS 2022/2019/2016/2012r2

Programming Languages

C#

Projects that are alternatives of or similar to adfsmfa

kagi
WebAuthn security keys and TOTP multi-factor authentication for Django
Stars: ✭ 17 (-80.23%)
Mutual labels:  totp, multi-factor-authentication, webauthn
awesome-yubikey
Curated list of awesome Yubikey resources, open source projects, tools and tutorials.
Stars: ✭ 22 (-74.42%)
Mutual labels:  mfa, webauthn, fido2
a12n-server
A ready-to-launch User and Authentication system for those that don't want to build it
Stars: ✭ 324 (+276.74%)
Mutual labels:  totp, mfa, webauthn
SimpleTOTP
A highly configurable yet simple to use TOTP based two-factor authentication processing module for SimpleSAMLphp.
Stars: ✭ 16 (-81.4%)
Mutual labels:  totp, mfa, multi-factor-authentication
Authelia
The Single Sign-On Multi-Factor portal for web apps
Stars: ✭ 11,094 (+12800%)
Mutual labels:  totp, mfa
mfa
Generate TOTP(Time-based One-time Password) token with CLI.
Stars: ✭ 17 (-80.23%)
Mutual labels:  totp, mfa
Cli
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Stars: ✭ 2,151 (+2401.16%)
Mutual labels:  totp, mfa
Putty Cac
Windows Secure Shell Client With Support For Smart Cards & Certificates
Stars: ✭ 192 (+123.26%)
Mutual labels:  rsa, mfa
mfaws
🔒 AWS multi-factor authentication for the CLI
Stars: ✭ 38 (-55.81%)
Mutual labels:  mfa, multi-factor-authentication
Nginx Sso
SSO authentication provider for the auth_request nginx module
Stars: ✭ 195 (+126.74%)
Mutual labels:  totp, mfa
uru-card
Arduino based firmware for FIDO2 Authenticator
Stars: ✭ 114 (+32.56%)
Mutual labels:  webauthn, fido2
wp-webauthn
🔒 WP-WebAuthn allows you to safely login to your WordPress site without password.
Stars: ✭ 85 (-1.16%)
Mutual labels:  webauthn, fido2
pyotp
Python One-Time Password Library
Stars: ✭ 1,930 (+2144.19%)
Mutual labels:  totp, mfa
One Time
One Time Password (TOTP and HOTP) library for Clojure. TOTP/HOTP is widely used for Two Factor / Multi Factor Authentication.
Stars: ✭ 129 (+50%)
Mutual labels:  totp, mfa
clarion
WebAuthn (U2F) helper for CLI operations (e.g. SSH Log in)
Stars: ✭ 78 (-9.3%)
Mutual labels:  webauthn, fido2
Speakeasy
**NOT MAINTAINED** Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.
Stars: ✭ 2,531 (+2843.02%)
Mutual labels:  totp, mfa
Opensk
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
Stars: ✭ 2,114 (+2358.14%)
Mutual labels:  webauthn, fido2
Three-Factor-Security-Door
What do you get when you mix a Raspberry Pi, a MySQL database, an RFID reader, an LCD touchscreen, a relay switch, an electronic door strike and a Twilio SMS account?
Stars: ✭ 49 (-43.02%)
Mutual labels:  mfa, multi-factor-authentication
FIDO-Server
Open-source FIDO server, featuring the FIDO2 standard.
Stars: ✭ 17 (-80.23%)
Mutual labels:  webauthn, fido2
android-webauthn-authenticator
A WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.
Stars: ✭ 101 (+17.44%)
Mutual labels:  webauthn, fido2

# Multi-Factor Authentication for Microsoft ADFS 2022/2019/2016/2012r2 (with biometric authentication)


This project can help you to implement multi-factor authentication without requiring any additional provider.

You can download a fully functional solution or modify the source code to build your own solution.

MFA helps secure user sign-ins for on-premises or cloud services beyond just a single password. With MFA, after correctly entering their passwords, users are required to enter a confirmation code, which is sent to their phone or email account, or generated by an authenticator application (Microsoft Authenticator, Google Authenticator).

What I Know (password) and What I Hold (device) or What I Am (biometrics) are the keys of MFA.

For example, if your user password is compromised by a hacker, he can’t activate your application (business email) because you have the code that can grant access to the app.

This extension lets you use a second factor, either a code sent to a secondary email address or a TOTP code (Time-based One-Time Password) compatible with Google’s (and others’) standard.

This extension works with Active Directory or an SQL Server Database for storing secret keys.

Installation & Documentation

Downloads

Building Solution




Features

  • Localized UI French/English/Spanish/Italian/German/Dutch/Portuguese/Polish/Swedish/Romanian/Russian/Danish/Japanese/Quebec/Ukrainian
  • TOTP, Email, Phone, Biometric, Azure Providers for MFA
  • Run with ADFS 2012 R2, 2016 and 2019
  • Secret Keys length (Guid, 128, 256, 384 & 512 bytes) RNG generator
  • Secret Keys RSA asymmetric encryption length (2048 bytes) RSA
  • Secret Keys AES symmetric encryption length (256 bytes) AES256, ECDH_P256
  • Secret Keys custom encryption (when implementing ISecretKeyManager and ISecretKeyManagerActivator)
  • PowerShell Cmdlets for managing MFA properties and MFA Users
  • MMC Console for managing MFA properties and MFA Users
  • Can use ADDS customizable attributes or SQL-Server Database, or develop a Custom Storage component
  • Can send TOTP code by email (customizable template in resources)
  • Can send TOTP code by SMS (customizable and extensible with API (IExternalProvider interface))
  • Can use TOTP code using Authenticator Apps like MS Authenticator, Google Authentication and more
  • Biometric authentication (Anders Åberg, Alex Seigler and others https://github.com/abergs/fido2-net-lib)
  • Enable self-registration
  • Enable self-registration with QR code (George Mamaladze and his team https://qrcodenet.codeplex.com)
  • Enable custom change password.
  • Can work with ADDS multi-forests with trust relationships
  • Can work with LDAP 3.0 Providers (ADFS 2016/2019) when using SQL Storage mode
  • Full sample for Azure MFA (additional configuration tasks and costs implied)
  • Developers can easily extend this component for other verification modes (Azure MFA, RSA,…) with the IExternalProvider, ISecretKeyManager interfaces
  • Developers can easily extend this component for other storages modes (AD & SQL by default)
  • Developers can easily replace the default UI, subclassing BasePresentation or BaseMFAPresentation classes
  • Full support for ADFS 2019/2022 themes

Remarks

  • For security reasons, developers must sign their Visual Studio solution with their own generated .pfx certificate (see custom development)
  • You must deploy the solution on each of your ADFS servers, not on Proxy Servers.
  • To work with ADDS, the ADFS Service account must have read and write access to user properties (or use the superaccount feature).
  • To work with SQL Server Database, you must deploy the database on a separate SQL Server
  • Works with ADFS on Windows Server 2012r2, 2016, 2019 and 2022