List of TOTP enabled users
Pallasianer
Hi,
For our SSLVPN users we have enabled MFA via TOTP. The users are authenticated via LDAP and TOTP is enabled on the SSLVPN Services group.
I would like to know if there is a way to get a list of users that have completed the TOTP binding process?
I want to check this against the list of users from my LDAP to identify users that still have to do this TOTP binding and give them a reminder.
Category: SSL VPN
Answers
Hi,
I didn't find a way to extract TOTP binding information, not even from the TSR.
If the One-time password method TOTP is chosen on the SSLVPN Services Group or an individual level, SSL-VPN doesn't let a user authenticate and connect without a TOTP provided. So you could log the users' login attempts and build your list.
I wouldn't bother about reminding your users since they can't log in without a TOTP binding.
I just posted the same question. The thought is a TOTP user that has been compromised, who has not bound to their authenticator app yet, can still be accessed by a threat actor. The threat actor in this case has beaten the user to binding first (assuming they know the URL to bind).
Yes, this is exactly the reason why I would like to have this information.
But from support I got the answer that this information is not available.
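The log-based approach suggested in the first answer, as an added example that is not part of any post in this thread: it compares an LDAP user export against successful SSL VPN logins found in exported logs and lists the accounts that have never logged in. The key=value log layout, the `usr` and `msg` field names, the "login allowed" marker and all sample data are constructed assumptions to adapt to the appliance's real log output.

```python
import re

# Assumption: key=value syslog lines with a quoted msg and a usr field.
# Adjust SUCCESS_MARKER and the field names to match the real log output.
SUCCESS_MARKER = "login allowed"
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')

# Constructed sample data: an LDAP export and three log lines.
LDAP_USERS = ["alice", "bob", "Carol", "dave"]
LOG_LINES = [
    'time="2024-05-02 08:14:11" msg="SSL VPN zone remote user login allowed" usr="alice" src=198.51.100.7',
    'time="2024-05-02 08:20:45" msg="User login denied" usr="bob" src=198.51.100.9',
    'time="2024-05-02 09:02:30" msg="SSL VPN zone remote user login allowed" usr="EXAMPLE\\carol" src=198.51.100.12',
]

def parse_fields(line):
    """Split one key=value log line into a dict, unquoting quoted values."""
    fields = {}
    for key, raw, quoted in FIELD_RE.findall(line):
        fields[key] = quoted if raw.startswith('"') else raw
    return fields

def normalize(name):
    """Lower-case and strip DOMAIN\\user or user@domain decoration."""
    name = name.strip().lower().split("\\")[-1]
    return name.split("@")[0]

def users_with_successful_login(lines):
    """Return the set of users that appear in at least one allowed login."""
    seen = set()
    for line in lines:
        fields = parse_fields(line)
        if SUCCESS_MARKER in fields.get("msg", "").lower() and fields.get("usr"):
            seen.add(normalize(fields["usr"]))
    return seen

def pending_binding(ldap_users, lines):
    """LDAP users with no successful login, i.e. no evidence of a binding."""
    seen = users_with_successful_login(lines)
    return sorted({normalize(u) for u in ldap_users} - seen)

if __name__ == "__main__":
    for user in pending_binding(LDAP_USERS, LOG_LINES):
        print(user)
```

A login in the log shows only that a binding exists for the account, not who performed it, which is the concern raised later in the thread.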