TecMFA: Desktop MFA for Mac
Enforce two-factor authentication based on Okta policies.
Self-Service Password Recovery.
In the online scenario, the user’s Desktop/laptop is connected to the internet and can reach Okta cloud.
After successful authentication of 1st factor (Username & password), TecMFA will present the factors configured in Okta for secondary authentication.
Only after both the factors have been verified by Okta will the user be allowed to login to their desktop/laptop.
This scenario supports the following factors in Okta:
In the offline scenario, the user’s Desktop/laptop is not connected to the internet and cannot reach Okta cloud.
In this scenario, TecMFA will perform the primary and secondary authentication. For secondary authentication, the Okta Verify app is leveraged. The TOTP generated by the Okta Verify App will have to be entered during the 2 Factor prompt.
The user will have to scan a QR code using the Okta Verify app on first login to complete the enrollment process for offline 2 Factor authentication.
Supported MacOS Versions
TecMFA supports the following MacOS versions:
- MacOS Mojave
- MacOS Catalina
- MacOS Big Sur
TecMFA is developed on Okta's MFA framework and leverages on the policies and factors (Okta Verify) configured in Okta. The requirements to test TecMFA are:
- Okta tenant is configured & users can login to Okta.
- Users are active in Okta and have enrolled in at least 1 Factor type supported by TecMFA.
- Sign-on policy is configured in Okta for enforcing or bypassing MFA for desktop users.
- Okta Verify Push
- Google Authenticator
- Security Question
- Hardware TOTP