Multi-Factor Authentication (MFA/TOTP) Use Cases

Information

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.

How the check works

The main check is a python script that runs pytotp and creates the 30 second codes you use to log in with. The script supports one or multiple codes at the same time as long as you provide the secrets to them. This script stored the codes to the ASM dictionary to be easily used in other scripts like ZebraTester, Browser and Postman.

In the end you’ll find examples of how to set them up in a Browser check and a ZebraTester check.

The current script needs to run once every 10-15 seconds to make sure the codes are updated fast enough to not go out of use. The script can be modified to do this itself for x seconds/minutes, but it will make sure no other script can run at the same time.

ASM Setup

This check has not been published to customers yet. If you have a use for it for customers, message @Christian Backström and he’ll upload it for you to use. The script needs to run on a private agent that has the python container enabled. This script does not run on public agents. The agent needs to have the module “pyotp” installed. You can follow this guide to install it:

Install external libraries for Python Checks

Once on your private agent you need to navigate to the following directory:

/opt/asm-browser-agent

Next, you need to execute the bash script “chroot_shell.sh

Whilst in “apica-chroot” you can now interact with the python environment available for the private agent (latest package includes Python 3.9.8)

And you can also use the pip tool to install external packages, see below example.

pip3 install <module>
##Example [apica-chroot] root@ip-xxx-xx-xx-xxx:/# pip3 install pymssql Collecting pymssql Downloading pymssql-2.2.5-cp39-cp39-manylinux_2_24_x86_64.whl (2.6 MB) |████████████████████████████████| 2.6 MB 35.9 MB/s Installing collected packages: pymssql Successfully installed pymssql-2.2.5

Create a Python check with the following settings:

Create a Python check with the following settings:

Examples:

ZebraTester check:

  • Here’s how the codes are stored to be accessed:

Can't find what you're looking for? Send an E-mail to support@apica.io