Using a different authentication scheme for the admin account

system

Introduction

Because the admin account on LogonBox is the super user, it makes sense to increase the logon security for this account.

LogonBox has a separate authentication flow specifically for admin accounts.

Note that an admin account in this context is any user who is a member of the System Administrator or Realm Administrator Role or any other Role that you have added in Authentication Flows->Authentication Options->Admin->Administrative Roles.

This article will explain how you can achieve this.

 

1. Authentication Scheme

Navigate to Authentication Flows->Schemes and edit the Admin scheme. Alter the authentication flow as required. In this example, we have added PIN after the default Username+Password by clicking the plus icon on the PIN module. Scroll down and click Save when you have finished.

 

2. Be careful not to lock out your access

Before you log off the admin account to test, ensure the admin account is already set up with whatever authentication you've configured.

In this example, go to My Credentials->My PIN and set a PIN for the admin account.

If you're adding something like IP Authentication, make sure you click Edit on the IP module and set a valid IP range to log on from.

 

3. Test authentication

Now, you can log off and test the new authentication.

Go to the administration link and enter the admin username and password.

 

The system now prompts for the extra authentication (in this case a PIN). After entering this, the admin account logs in as expected.