Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Two-Factor Authentication (Implementing two-factor authentication in kerio webmail)
  •  
pchernoff

Messages: 120
Karma: 0
Send a private message to this user
We are planning on moving to KerioMailServer and I would like to implement Two-Factor Authentication for webmail users. This would prevent someone from being able to access one of our mail accounts if they steal the regular password from a wireless connection or a public computer. I am in contact with CRYPTOCard but they have not had experience with their software on KMS. I was wondering if anyone was taking this approach, and if so, how they implemented it.
  •  
nowen

Messages: 2
Karma: 0
Send a private message to this user
Sorry for the delayed, reply, I just joined.

If you are using the linux version, then you can use pam radius to route authentications to your two-factor authentication server: Pam radius two-factor howto

On windows, you might able to do the same thing using the MS radius server IAS. It's a free add-on. Here's a documentent that describes how to add WiKID two-factor authentication to ISA: How to configure the Microsoft ISA server to support Two-Factor Authentication from WiKID, which should be pretty close.

And here's a general webmail + two-factor authentication doc:
How to configure Webmail for WiKID two-factor authentication

HTH,

Nick


--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
irc.freenode.net: #wikid
  •  
nowen

Messages: 2
Karma: 0
Send a private message to this user
I have an updated tutorial on our site wikidsystems.com. The forum won't let me post a url, so you will have to search our site for kerio.

Short version: On kerio: set your domain to use PAM and have the uses use PAM. On the linux server, configure /etc/pam.d/kerio-connect to use pam-radius and set pam radius to point to your two-factor authentcation server.

Thanks to Kenneth in Kerio support for helping me with this!


--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
irc.freenode.net: #wikid
Previous Topic: Keep getting "The device has sent the invalid SyncKey" from Android phone
Next Topic: deploying Kerio Outlook Connector
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 25 03:15:35 CET 2017

Total time taken to generate the page: 0.00387 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.