By Nancy Li 2 min read
May 1, 2018

IBM Cloud Platform now adds support for Multi-Factor Authentication

In April 2018, IBM Cloud Platform added support for Multi-Factor Authentication (MFA). This adds an extra layer of security to users’ accounts by requiring all users to provide a time-based one-time passcode in addition to their standard IBMid and password when logging in. Having this option enables IT admins to rest a little easier knowing that they’re protecting their company’s network and workloads while keeping access flexible and easy.

How does it work?

The account owner can enable MFA on their account by going to the Manage > Security > Identity and Access > option from the header.  Then selecting Settings tab to see authentication options for the account. 

Please note that when MFA is enabled for the account, all users in the account are required to complete the MFA process next time they log in.  

Once enabling multi-factor authentication for the account, users logging into the account will be asked to install an authenticator application like Google Authenticator or IBM Verify.  If a user is a member to multiple accounts and at least one of those accounts is MFA-enabled, then the user must input MFA before logging into IBM Cloud.

 

Other Considerations:

  • MFA can be configured by the Account Owner on a per account basis and not on individual user IDs

  • Once MFA is enabled for the account, all users in the account are required to complete the MFA process next time they log in

  • MFA is not supported for federated users

  • API Keys for users and Service IDs will continue to work after MFA is enabled

  • Users of native CF CLI or UI login into CF must use API keys or SSO after MFA is enabled on the account

  • Linked Account users who previously configured IaaS IMS 2FA in the Control Portal should consider the following:

    • MFA for your IBM Cloud account extends across the platform and infrastructure services for your linked account, so you might choose to disable the 2FA that applies only to infrastructure resources in your account in favor of the MFA setting option.

    • If you are a federated user, MFA is not supported. Therefore, you might want to retain your 2FA for infrastructure only resources to ensure the security of your resources.

Reference Links:

Categories

Security
Nancy Li
None

More from Security
September 20, 2023

Spear phishing vs. phishing: what’s the difference?

5 min read - The simple answer: spear phishing is a special type of phishing attack. Phishing is any cyberattack that uses malicious email messages, text messages, or voice calls to trick people into sharing sensitive data (e.g., credit card numbers or social security numbers), downloading malware, visiting malicious websites, sending money to the wrong people, or otherwise themselves, their associates or their employers. Phishing is the most common cybercrime attack vector, or method; 300,479 phishing attacks were reported to the FBI in 2022.…

September 18, 2023

IBM Tech Now: September 18, 2023

< 1 min read - ​Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 84 On this episode, we're covering the following topics: The IBM Security X-Force Cloud Threat Landscape Report The introduction of IBM Intelligent Remediation Stay plugged in You can check out the IBM Blog Announcements…

September 13, 2023

Data breach prevention: 5 ways attack surface management helps mitigate the risks of costly data breaches

5 min read - Organizations are wrestling with a pressing concern: the speed at which they respond to and contain data breaches falls short of the escalating security threats they face. An effective attack surface management (ASM) solution can change this. According to the Cost of a Data Breach 2023 Report by IBM, the average cost of a data breach reached a record high of USD 4.45 million this year. What’s more, it took 277 days to identify and contain a data breach. With…

September 6, 2023

What is the vulnerability management process?

5 min read - Modern enterprise networks are vast systems of remote and on-premises endpoints, locally installed software, cloud apps, and third-party services. Every one of these assets plays a vital role in business operations—and any of them could contain vulnerabilities that threat actors can use to sow chaos. Organizations rely on the vulnerability management process to head off these cyberthreats before they strike. The vulnerability management process is a continuous process for discovering, prioritizing, and resolving security vulnerabilities across an organization's IT infrastructure. Security vulnerabilities defined…