Can Pulse Remember a User (via cookie) to Bypass 2FA to Improve User Experience?
Is it possible for Pulse Connect Secure to do the following (similar to online banking)?
1. User logs in for 1st time with Username, Password (LDAP Authentication) 2. If successful, Pulse prompts the user that they are signing in from an unrecognized device, and asks for 2FA (RSA) 3. If successful, behind the scenes Pulse drops a cookie to remember/identify the device at next log in 4. User connects, does work, logs out. 5. Later that week, the user signs in from that same machine with Username, Password (LDAP Authentication) 6. If successful, Pulse checks for cookie on recognized machine 7. If found, bypasses 2FA (RSA) and brings the user to the home page. 8. If not found, repeat step 2
If this is NOT possible currently, does anyone know if this is on the roadmap?
Re: Can Pulse Remember a User (via cookie) to Bypass 2FA to Improve User Experience?
I can confirm it is not something that can be done; logging out removes the session cookie. I would recommend contacting your regional support engineer to put in an enhancement request for this with our product team to see if it can be done to have a second cookie and a way to have fallback auth (which we don't have now)