List of TOTP enabled users

Hi,

For our SSLVPN users we have enabled MFA via TOTP. The users are authenticated via LDAP and TOTP is enabled on the SSLVPN Service group.

I would like to know if there is a way to get a list of users that have completed the TOTP binding process?

I want to check this against the list of users from my LDAP to identify users that still have to do this TOTP binding and give them a reminder.


Answers

  • Thomas_Buergis Enthusiast ✭✭

    Hi,

    I didn't find a way to extract TOTP binding information, not even from the TSR.

    If the One-time password method TOTP is chosen on the SSLVPN Services Group or an individual level, SSL-VPN doesn't let a user authenticate and connect without a TOTP provided. So you could log the users' login attempts and build your list.

    I wouldn't bother about reminding your users since they can't log in without a TOTP binding.

  • I just posted the same question. The thought is a TOTP user that has been compromised, who has not bound to their authenticator app yet, can still be accessed by a threat actor. The threat actor in this case has beaten the user to binding first (assuming they know the URL to bind).

  • Pallasianer Newbie ✭
    edited March 2022

    Yes, this is exactly the reason why I would like to have this information.

    But from the support I got the answer that this information is not available.
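
The workaround suggested in the thread (build the list from logged logins, then compare it with LDAP), as an added example that is not part of the original posts and not SonicWall code. It assumes key=value syslog lines with `usr` and `msg` fields; the sample lines, the success message text and the LDAP export are constructed, so adjust them to what your firewall and directory actually emit.

```python
import re

# Constructed sample lines in an assumed key=value syslog layout (not real firewall output).
SAMPLE_LOG = '''\
id=fw1 time="2022-03-01 08:01:12" msg="SSL VPN user login allowed" usr="alice"
id=fw1 time="2022-03-01 08:05:40" msg="SSL VPN user login denied" usr="bob"
id=fw1 time="2022-03-02 09:12:03" msg="SSL VPN user login allowed" usr="EXAMPLE\\Carol"
id=fw1 time="2022-03-02 09:30:00" msg="Web management request allowed" usr="dave"
id=fw1 time="2022-03-03 07:45:10" msg="SSL VPN user login allowed" usr="alice@example.test"
'''

# Constructed LDAP export: members of the SSLVPN group (e.g. sAMAccountName values).
LDAP_USERS = ["alice", "bob", "carol", "dave", "erin"]

# Assumed message text for a completed SSL VPN login; replace with your log's wording.
SUCCESS_MSG = "SSL VPN user login allowed"

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def normalize(name):
    """Reduce DOMAIN\\user and user@domain forms to a lowercase bare account name."""
    name = name.strip().lower().rsplit("\\", 1)[-1]
    return name.split("@", 1)[0]


def parse_fields(line):
    """Split one log line into a dict of key=value fields (quoted or bare values)."""
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}


def users_with_successful_login(log_text):
    """Accounts that completed an SSL VPN login, which requires a TOTP binding."""
    seen = set()
    for line in log_text.splitlines():
        fields = parse_fields(line)
        if fields.get("msg") == SUCCESS_MSG and fields.get("usr"):
            seen.add(normalize(fields["usr"]))
    return seen


def pending_binding(ldap_users, log_text):
    """LDAP accounts with no successful SSL VPN login in the supplied logs."""
    bound = users_with_successful_login(log_text)
    return sorted(u for u in map(normalize, ldap_users) if u not in bound)


if __name__ == "__main__":
    print(pending_binding(LDAP_USERS, SAMPLE_LOG))
```

Accounts in the result have no successful login within the log window, so they are either unbound or simply inactive; the log retention period limits how far back this can see.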
