Gallop Technology Group
Request an appointment
480-614-4227
Info@GallopTechGroup.com
  • Youtube
  • Facebook
  • Twitter
  • LinkedIn
  • Mail
  • Contact
    • Our Support Portal
    • New Client Intake Form
    • Technical Questionnaire
    • Join Our Family
  • Resources
    • Videos
    • Blog
  • Support
  • Solutions
    • Cybersecurity
    • Secured Cloud
    • Voice Over IP (VoIP)
    • Managed IT
    • Fractional CTO
    • IT Projects & Services
    • Legal Technology Solutions
  • Company
    • About Us
    • Team Bio
  • Home
  • Search
  • Menu Menu

2FA-SETUP

What is 2FA, and why do I need it?

Answer: 2FA, short for Two Factor Authentication, is a method to secure a login to a device or website, by sending a code or approving that login on a separate device, at time of login, after entering your normal username and password.
Hackers find ways to easily breach passwords. Passwords by themselves are not secured anymore, and all cyber security professionals recommend using 2FA when possible.
Almost all insurance providers require 2FA to be set up and enforced, for the added security.

Why are we going to use DUO for our 2FA solution?

Answer: Gallop Technology Group spent months of research and development, testing and case studies to come up with the best solution for our clients. DUO is priced right, has GREAT support, is known to be VERY futuristic yet stable and reliable, and is very easy to set up, deploy and remove as your company needs’ change.

What is the process to enable DUO 2FA for our company?

Answer: Gallop Technology Group will collect information from you regarding your company needs (amount of users, billing information, workaround for users who are not willing to install the DUO App on their cell phone, etc.). Once we collect the needed information, we set it up on the DUO admin portal for your company, and set up all the users, policies and permissions required. You don’t need to worry about any of that. We will then choose a “focus group” of users to test this with on your end, and from there- deploy it for the rest of your team once you approve.

How do the users set up 2FA once Gallop Technology Group enables it for our company?

Answer: Upon enabling the service for each user, the users will receive a “welcome email” from Duo with a link, asking them to register and enroll in their Duo account. At the end of that process, they would have an active account.
Once the account is active, we can continue with enforcing DUO on the user’s devices and cloud accounts we discussed with you.

Will users be locked out once Duo is implemented?

Answer: The first step is for the users to create an account, by following the steps they received on the DUO “welcome Email”. Then, during the initial implementation phase, 2FA will not be enforced until you approve that enforcement phase, and after we tested that there are no issues with any of the devices of the test group.

Once all users are enrolled (or when we receive approval to proceed), we will enforce the policy, and by that- preventing users from logging into their system if they did not enroll as of that point. Our support staff would be able to assist users who did not complete the enrollment in finishing the process so they can log in. It’s a quick and simple process on our end to assist those users, but we of course recommend that all users set up their account and enroll in the process before the enforcement date.

What services are affected?

Answer: The initial implementation of Duo is for both RDP (stands for “Remote Desktop Protocol”, used by users who remote into their office computer or cloud server remotely when traveling or working from home) and for Local PC access, and for Azure Active Directory sign-on (with Azure Active Directory, Duo will also replace the Microsoft Authenticator so there is no need for multiple applications).

One (or more) employees does not agree to install the Duo app on their personal cell phone. What options do we have?

Answer: It is going to be MUCH easier for your users to simply install the DUO app on their phone. It is secure, safe, and very lightweight. However- If a user does not want to install it on their cell phone, you will be required to purchase an “USB Authentication hardware key” device called “YubiKey”, and our team will have to configure it (one time for your company) and mail it to you.

This YubiKey device will be used by that user by plugging it into the computer at the time of login and will have to be removed immediately after and NOT kept by the computer when the user is away (for security reasons). This device can also be used for authenticating / 2FA login on mobile devices (cell phones/ tablets), but those devices must have NFC capabilities. Please contact our team for more information about mobile device 2FA access.

What happens if a user forgets their authentication device? (phone/hardware key etc..) how would they be able to log in?

Answer: Our engineers can provide a user with a Bypass code which will be valid for a set duration depending on the situation after confirming their identity through our normal procedures.

Why not use the Microsoft Authenticator app? It’s free and we most likely have it already on our phones.

Answer: The short answer is that the Microsoft Authenticator app that is used for 2FA to log in to your MS cloud services, does NOT work as a 2FA device on physical computers login protection. We’re working hard to make it easier to manage and have everything unified with less solutions to manage and support and train your employees on. Duo can integrate into the Microsoft platform, but not the opposite. Therefore, we recommend utilizing the Duo authentication to replace the Microsoft Authenticator once you set up 2FA for physical computers local login security.

Is it true that I won’t be able to use a fingerprint or a PIN anymore to log into my computer once we install 2FA?

Answer: Unfortunately, at this point- that is correct. After months of research and testing/ discussion with many 2FA providers, we found that there is no 2FA solutions that support “Windows Hello” (Windows Hello is how Microsoft calls their PIN, Biometric, fingerprint and other login methods that replace the good-old password).

Therefore, all users will have to enter their account password in order to log in to their computers once the DUO 2FA is implemented. For users who currently use Windows Hello as part of their sign-in (PIN/Biometrics), we ask that they confirm they know their “fill computer password” prior to enforcement of the DUO 2FA.
Please make sure your team confirm they know their password (since most people only use PIN code instead of their password, they forget their actual password in some cases) by following these instructions HERE: https://www.galloptechgroup.com/confirm-your-windows-password/

  • In order to receive service from us you must agree to our Terms of Service as posted here Our terms of service includes our current response times.
  • Please enter a number from 0 to 100.
  • (By not installing the DUO app on the employee cell phone, you will be required to use a USB Authentication hardware key called “YubiKey”. Price for each YubiKey, including hardware cost, shipping and configuration is $80 +tax)


    Please use the name(s) of the “test group” users in your organization that will have this security process ENFORCED for them first, before we enforce it for the rest of your team (Text box, multi-line, with pre-text saying “please list FULL NAMES of the test users here")


    Note: Once we complete the implementation with the test group of users, we will coordinate with you the next step of sending the welcome emails to the reminder of your team, and the implementation date for the rest of your team.

Q&A:

  1. What is 2FA, and why do I need it?
    Answer: 2FA, short for Two Factor Authentication, is a method to secure a login to a device or website, by sending a code or approving that login on a separate device, at time of login, after entering your normal username and password. Hackers find ways to easily breach passwords. Passwords by themselves are not secured anymore, and all cyber security professionals recommend using 2FA when possible. Almost all insurance providers require 2FA to be set up and enforced, for the added security.
  2. Why are we going to use DUO for our 2FA solution?
    Answer: Gallop Technology Group spent months of research and development, testing and case studies to come up with the best solution for our clients. DUO is priced right, has GREAT support, is known to be VERY futuristic yet stable and reliable, and is very easy to set up, deploy and remove as your company needs’ change.
  3. What is the process to enable DUO 2FA for our company?
    Answer: Gallop Technology Group will collect information from you regarding your company needs (amount of users, billing information, workaround for users who are not willing to install the DUO App on their cell phone, etc.). Once we collect the needed information, we set it up on the DUO admin portal for your company, and set up all the users, policies and permissions required. You don’t need to worry about any of that. We will then choose a “focus group” of users to test this with on your end, and from there- deploy it for the rest of your team once you approve.
  4. How do the users set up 2FA once Gallop Technology Group enables it for our company?
    Answer: Upon enabling the service for each user, the users will receive a “welcome email” from Duo with a link, asking them to register and enroll in their Duo account. At the end of that process, they would have an active account.
    Once the account is active, we can continue with enforcing DUO on the user’s devices and cloud accounts we discussed with you. 
  5. Will users be locked out once Duo is implemented?
    Answer: The first step is for the users to create an account, by following the steps they received on the DUO “welcome Email”. Then, during the initial implementation phase, 2FA will not be enforced until you approve that enforcement phase, and after we tested that there are no issues with any of the devices of the test group.
    Once all users are enrolled (or when we receive approval to proceed), we will ENFORCE the policy, and by that- preventing users from logging into their system if they did not enroll as of that point. Our support staff would be able to assist users who did not complete the enrollment in finishing the process so they can log in. It’s a quick and simple process on our end to assist those users, but we of course recommend that all users set up their account and enroll in the process BEFORE the enforcement date.
  6. What services are affected?
    Answer: The initial implementation of Duo is for both RDP (stands for “Remote Desktop Protocol”, used by users who remote into their office computer or cloud server remotely when traveling or working from home) and for Local PC access, and for Azure Active Directory sign-on (with Azure Active Directory, Duo will also replace the Microsoft Authenticator so there is no need for multiple applications). 
  7. One (or more) employees does not agree to install the Duo app on their personal cell phone. What options do we have?
    Answer: It is going to be MUCH easier for your users to simply install the DUO app on their phone. It is secure, safe, and very lightweight. However- If a user does not want to install it on their cell phone, you will be required to purchase an “USB Authentication hardware key” device called “YubiKey”, and our team will have to configure it (one time for your company) and mail it to you. This YubiKey device will be used by that user by plugging it into the computer at the time of login and will have to be removed immediately after and NOT kept by the computer when the user is away (for security reasons). This device can also be used for authenticating / 2FA login on mobile devices (cell phones/ tablets), but those devices must have NFC capabilities. Please contact our team for more information about mobile device 2FA access.
  8. What happens if a user forgets their authentication device? (phone/hardware key etc..) how would they be able to log in?
    Answer: Our engineers can provide a user with a Bypass code which will be valid for a set duration depending on the situation after confirming their identity through our normal procedures.
  9. Why not use the Microsoft Authenticator app? It’s free and we most likely have it already on our phones.
    Answer: The short answer is that the Microsoft Authenticator app that is used for 2FA to log in to your MS cloud services, does NOT work as a 2FA device on physical computers login protection. We’re working hard to make it easier to manage and have everything unified with less solutions to manage and support and train your employees on. Duo can integrate into the Microsoft platform, but not the opposite. Therefore, we recommend utilizing the Duo authentication to replace the Microsoft Authenticator once you set up 2FA for physical computers local login security.
  10. Is it true that I won’t be able to use a fingerprint or a PIN anymore to log into my computer once we install 2FA? 
    Answer: Unfortunately, at this point- that is correct. After months of research and testing/ discussion with many 2FA providers, we found that there is no 2FA solutions that support “Windows Hello” (Windows Hello is how Microsoft calls their PIN, Biometric, fingerprint and other login methods that replace the good-ol password).

Therefore, all users will have to enter their account password in order to log in to their computers once the DUO 2FA is implemented. For users who currently use Windows Hello as part of their sign-in (PIN/Biometrics), we ask that they confirm they know their “fill computer password” prior to enforcement of the DUO 2FA.

Please make sure your team confirm they know their password (since most people only use PIN code instead of their password, they forget their actual password in some cases) by following these instructions HERE: https://www.galloptechgroup.com/confirm-your-windows-password/

Pages

  • 2FA SETUP
  • 2FA-SETUP
  • About Us
  • Add a new user to BIG
  • Add a new user to your domain
  • Admin information
  • All-inclusive Support
  • Archive
  • AUGUST WHEELER
  • Backup and Disaster Recovery Services
  • Beits Livneh’s “Landing Page”
  • Billing Portal
  • Blog
  • Bold
  • chat
  • Chat is Unavailable
  • Check Ticket Status
  • Client Computer Quote
  • Client Quote Request Desktop
  • Client Quote Request Laptop
  • Client Registration
  • Coming soon
  • Configuring Office 365 Account on your Phone
  • Contact
  • Contact Support
  • Continued Education Classes
  • Cyber Security – Employee
  • Cyber Security – Manager
  • Cyber Training
  • Cybersecurity
  • DNS whitelist request form submission
  • Employment Schedule An Interview
  • Fast
  • Fractional CTO
  • GALLOP ALL INCLUSIVE SUPPORT DETAILS
  • GALLOP BACKUP AND DISASTER RECOVERY PACKAGE
  • GALLOP CYBER PLAN DETAILS
  • GALLOP SECURED CLOUD
  • GALLOP STARTER PACKAGE DETAILS
  • Guide To Two-Factor Authentication
  • Guide To Two-Factor Authentication
  • HOME
  • Home
  • Home backup 10/18/2022
  • Hosted Cloud Server
  • Hosted Exchange Account Management Fee
  • Hosted Exchange Registration Form
  • How to confirm your login password for Windows
  • How to connect to LTS cloud VPN
  • How to Log Off your Cloud Server Session
  • How to set up Sonicwall VPN on Windows 10
  • How to Update Older Version of Windows
  • HUB Page
  • Instructions on how to set up 2FA for the first time
  • Internal Quote Request
  • IT Projects & Services
  • Join Our Family
  • Legal Technology
  • Login Page
  • Managed IT
  • Microsoft Licensing Portal
  • New Client Intake Form
  • New Customer Questionnaire
  • New Email Account Request
  • NTS hosted exchange registration request
  • occ
  • Pay
  • Plan
  • Portal
  • Portal Page
  • Pre Employment Questionnaire Level 2 Engineer
  • Pre Employment Questionnaire – Engineer technical application
  • Pre Employment Questionnaire – Short Form
  • Privacy Policy
  • Proofpoint introduction
  • Quickbooks Maintenance Request
  • Remote Support
  • Remove user from your domain
  • Reporting & Statements Request
  • Request an appointment
  • Request to qualify a device for remote access
  • ROBERT VALVERDE
  • Search Results
  • Secured Cloud
  • SECURED CLOUD
  • Setting up an email account on an iPhone or iPad
  • Spam Filtering
  • Spirit Partner Technical Support
  • Spirited
  • Support
  • Team Bio
  • Terminate Computer
  • Terms of Service
  • Terms of Use
  • Test
  • test2
  • Thank you
  • Thoroughbred
  • Ticket lifecycle
  • User Information
  • Users Data Collection
  • Vendor data collection sheet
  • Videos
  • Voice Over IP (VoIP)
  • Welcome to Amit Donenfeld-Peled’s “Landing Page”
  • Welcome to August Wheeler’s “Landing Page”
  • Welcome to Eric Yared’s “Landing Page”
  • Welcome to John Michael Salbago’s “Landing Page”
  • Welcome to Michael Edwards’ “Landing Page”
  • Welcome to Michelle Wyrick’s “Landing Page”
  • Welcome to Robert Valverde’s “Landing Page”
  • Client Services
  • Client Services
  • Email portal
  • Submit A Ticket

Categories

  • Blog
  • Newsletter
  • Uncategorized

Archive

  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • November 2021
  • October 2021
  • August 2021

Contact Us Today For Exceptional Technical Support For Your Businesses!

Click Here for Your Free Assessment
480-614-4227 - GallopTechGroup.com
Scroll to top