Where I'm at, our virtual desktops are controlled by our normal password. To log on to any mainframe session, we have to use our RSA soft-id or token generated password. Each one can only be used once. We use TPX which then uses passtickets to log us on to CICS, TSO, Omegamon, etc. Because of the multiple systems and segregation between prod and non-prod, the biggest impact to sign on's for me is after a weekly reboot of my virtual desktop. The RSA passwords refresh every 30 seconds and you have to wait for a new one every time you use one. So what used to take 2-3 minutes each week with passwords now takes about 10 minutes to get signed on to everything. However, that is the only change we have had to endure.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Jesse 1 Robinson Sent: Wednesday, March 21, 2018 12:49 PM To: [email protected] Subject: Mechanics of MFA Multifactor Authentication is on everyone's lips these days. The closest experience I have with it is logging on to VPN with a token-if that really counts. Once logged on, however, my session locks up frequently due to a tight limit on activity. Or I lock it myself when walking away from my desk. When lockup occurs, I reenter my defined password and move on. VPN timeout period is much longer, at which point I have to use the token again. So how does MFA work in practice? I ask because the idea of having to go through MFA every few minutes would be a very hard sell at the ranch. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office <===== NEW [email protected]<mailto:[email protected]> ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
