May 1, 2018 By Nancy Li 2 min read

IBM Cloud Platform now adds support for Multi-Factor Authentication

In April 2018, IBM Cloud Platform added support for Multi-Factor Authentication (MFA). This adds an extra layer of security to users’ accounts by requiring all users to provide a time-based one-time passcode in addition to their standard IBMid and password when logging in. Having this option enables IT admins to rest a little easier knowing that they’re protecting their company’s network and workloads while keeping access flexible and easy.

How does it work?

The account owner can enable MFA on their account by going to the Manage > Security > Identity and Access > option from the header.  Then selecting Settings tab to see authentication options for the account. 

Please note that when MFA is enabled for the account, all users in the account are required to complete the MFA process next time they log in.  

Once enabling multi-factor authentication for the account, users logging into the account will be asked to install an authenticator application like Google Authenticator or IBM Verify.  If a user is a member to multiple accounts and at least one of those accounts is MFA-enabled, then the user must input MFA before logging into IBM Cloud.

 

Other Considerations:

  • MFA can be configured by the Account Owner on a per account basis and not on individual user IDs

  • Once MFA is enabled for the account, all users in the account are required to complete the MFA process next time they log in

  • MFA is not supported for federated users

  • API Keys for users and Service IDs will continue to work after MFA is enabled

  • Users of native CF CLI or UI login into CF must use API keys or SSO after MFA is enabled on the account

  • Linked Account users who previously configured IaaS IMS 2FA in the Control Portal should consider the following:

    • MFA for your IBM Cloud account extends across the platform and infrastructure services for your linked account, so you might choose to disable the 2FA that applies only to infrastructure resources in your account in favor of the MFA setting option.

    • If you are a federated user, MFA is not supported. Therefore, you might want to retain your 2FA for infrastructure only resources to ensure the security of your resources.

Reference Links:

Was this article helpful?
YesNo

More from Security

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Enhancing data security and compliance in the XaaS Era 

2 min read - Recent research from IDC found that 85% of CEOs who were surveyed cited digital capabilities as strategic differentiators that are crucial to accelerating revenue growth. However, IT decision makers remain concerned about the risks associated with their digital infrastructure and the impact they might have on business outcomes, with data breaches and security concerns being the biggest threats.   With the rapid growth of XaaS consumption models and the integration of AI and data at the forefront of every business plan,…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters