Most companies are equipped with an Enterprise WIFI from Cisco or similar network device vendor. Wifi provides over-the-air bridging to your corporate infrastructure and for that, needs to be secured accordingly. The weak link in WIFI security is usually lack of strong authentication: access is granted either with a pre-shared key, or at best, with simple username and password.
A more secure way is to grant access on per-user basis, using IEEE 802.1X, and Multi-Factor Authentication (MFA).
OpenOTP supports IEEE 802.1X standard, providing EAP-GTC (commonly used with Cisco devices), EAP-TTLS-PAP and EAP-TLS authentication over RADIUS.
This means that employees can authenticate to corporate WIFI with:
PROTECT YOUR ENTERPRISE WIRELESS NETWORKS
Our solution for Wifi provides Two-Factor with all OpenOTP One-Time Password methods:
Read more about related products
The only solution which supports OTP for WIFI
OpenOTP Two-Factor for Wifi access does not support the challenged OTP mode. It also requires password concatenation where the OTP password is concatenated with the domain password. Its usage is simple: Users select the network SSID and are prompted for their password(s). A WebADM client policy for your OpenOTP Wifi will let you decide if the users should login with domain password only, the OTP password only or both passwords concatenated.
More about EAP
EAP-TLS (EAP Transport Layer Security) was subsequently defined by IETF RFC 5216. The protocol was created as an open standard leveraging the TLS (Transport Layer Security) protocol and has found wide-spread support with the various wireless vendors on the market. It primarily consists of the original EAP authentication protocol and is still considered to be one of the most secure EAP standards on the market.
- Supported on Enterprise Wifi with EAP-GTC and EAP-TTLS-PAP
- Supports any OpenOTP method (Tokens, Yubikey, SMSOTP, MailOTP…)
- Supports LDAP, OTP and LDAP+OTP login modes
- Supports Contextual authentication with MAC addesses
- Convenient Two-Factor with password concatenation
- Per user and group reply attributes for Wifi role-based access
- Authentication policies per client application or group of users