Curtis,
Do you mean MFA: 1. as the TCP connection is made from a client to the tn3270 server (I assume you are not talking about OSA-ICC as that would have different issues) 2. or as an SNA sessions are created to (selected) 3270 applications such as TSO, CICS, IMS etc Mike Wawiorko -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Pew, Curtis G Sent: 16 July 2019 15:24 To: IBM-MAIN@LISTSERV.UA.EDU Subject: Tn3270 + MFA This mail originated from outside our organisation - curtis....@austin.utexas.edu<mailto:curtis....@austin.utexas.edu> Our security folks want us to implement some form of two-factor authentication for tn3270 access. (Currently, we just require users to be on campus or use our VPN; the VPN uses DUO to provide two-factor authentication. But now they want two-factor for on campus too.) Has anyone implemented anything like this? Any pointers or suggestions? Thanks. -- Pew, Curtis G curtis....@austin.utexas.edu<mailto:curtis....@austin.utexas.edu> ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu<mailto:lists...@listserv.ua.edu> with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN