Let me play the devil's advocate here: why would you want two step
authentication for Oracle Forms, if you already have it for VPN. Isn't RSA
token, DUO or Okta Verify or whatever else you are using, safe enough? So, the
user must know his VPN password, must correctly respond to the second password
challenge generated by some form of two step authentication like the ones
mentioned above and he also must know his application username and password. It
looks to me that you are as certain as it is at all possible that the user who
is logging in is who he says he is.
Regards
On Fri, 21 Jul 2017 19:46:33 +0000
Matt Adams <MAdams@xxxxxxxxxx> wrote:
I've been asked to some up with possible suggestions for enabling two factor
authentication for our custom written Oracle Forms application.
So far, the only solution I've really seen is using Oracle Access Manager to
handle authentication, which would allow 2 factor (probably using Duo which
we already have in place for 2 factor authentication to the VPN).
What other solutions are you aware of?
Thanks
Matt
**** This communication may contain privileged and/or confidential
information. If you are not the intended recipient, you are hereby notified
that disclosing, copying, or distributing of the contents is strictly
prohibited. If you have received this message in error, please contact the
sender immediately and destroy any copies of this document. ****