We are moving to Hosted and our Box Office Staff need OTP tokens.
Other than fish tokens has anyone used the Mobile ID for Windows with Acive Directory for those staff memebers that move locations but can't be whipping a phone out in front of customers?
I have one staff member who uses it and she's had no issues!
We have a staff member who uses Mobile ID for Windows and had zero issues. Our staff person uses the same computer as it is tied to her login.
Thank you. Our Data analyst and one of our ticketing specialists use it with gusto. It's the roaming on Active Directory that is causing the headache. Mainly the headache is IT telling me it's more insecure than me at 15 at a school dance.
We have to on our desktop at our Front Desk. We don't use it all that often, but when we do there haven't been any issues.
Thanks Chelsea. Is it a shared terminal (single user login) or is it a Hot Desk with the Mobile token following the profile?
I'm intrigued as to where it saves the credentials. If it's the profile (as you would with Active Directory) that should work but if it's a registy value then it'll break the sync when you switch computers.
Thanks Angela - same with us for the current users (sometimes I think that they are actually tied to their computer). Roaming/Active Directory seems to be the tricky part.
Hop onto terminals when an individual has next logged in. Create an individual chrome profile for them, save a shortcut on their local user desktop (not the public desktop). Pin it to Task bar. Bookmark the Tessitura login link.
Install the desktop token (Name it appropriately) Set a pin to secure to the token.
Ask users to login on the newly created local chrome profile and save their login credentials.
Train their muscle memory to not save over their password with their OTP when prompted.
The login details are now secured by their windows log in, token and password*
*Make sure their windows password is set to be updated every 90 days and they are not using IT vendor supplied passwords - IT can help with this.
It’s secure just fiddly to set up at the start but it’s similar to installing individual Tessitura user icons per computer in old self hosted set up before groups policy allowed DBA’s users to push them to public desktops for everyone in a Tessitura User Group.
Thanks Lou. That makes sense. Will give it a crack.