2FA audit trail
Planned
Hi is there a way to get a detailed log of authentication requests to a server / system?
-
Thanks for your question.
At the moment, Nx Witness has the audit trail of login attempt. You may check the audit trail from "System Administration -> Audit Trail"
We don't offer the 2FA detail to anyone, even we are not able to check the 2FA detail of any accounts. The only thing we are allowed to do is that generating the 2FA backup code under user's requests.
Are you saying if the 2FA code was unable pass the authentication during the login session, ex: the user enters wrong 2FA code?I might be misunderstanding the case, if you can elaborate what you desire to see, that would be appreciated.
Thanks.
0 -
Hi Ichiro,
I know this was an old request and now in planned status.
what we would like to see is full log of events when an auth handshake happens.
Example events :
- username OK > password OK > TOTP prompt > timed out
- username OK > password OK > TOTP prompt > wrong TOTP code
-
username OK > password OK > TOTP prompt > wrong TOTP > user selected backup code option > backup code used > login OK
This is crucial for investigations when law enforcement authorities are involved
0 -
Hi Charm,
Thanks for the suggestions but currently it is in planned state, remaining the same state as before.
But i will send the example to our product team for backlog.Thanks.
0
Please sign in to leave a comment.
Comments
3 comments