Oracle Cloud Infrastructure multi-factor authentication
For some time we didn’t have a multi-factor authentication in the Oracle cloud and those short-lived numeric codes were one of the best way to reinforce your protection and prevent a bad actor to break your credentials. It is not 100% protection but it is well better than a username and a password. Just recently I read in the Oracle Infrastructure cloud blog about new native multi-factor authentication for Identity and Access Management (IAM) system on Oracle Cloud Infrastructure (OCI). Of course, I went directly to my account and started to test it.
I found that it was extremely easy and intuitive. I clicked on “user settings” in the drop down menu for my profile.
And there I saw the new button “Enable Multi-Factor Authentication”.
When I clicked the button a new pop-up window with a QR-Code appeared. To use it you need to install Oracle Authenticator to your mobile phone. I tried with the Google Authenticator but it didn’t work for me.
After scanning the bar-code the Oracle Authenticator automatically added the new record with a name like <tenancy_name – user_name> and provided a number you need to put to the form. After that, the user was registered for the multi-factor authentication and the new form was appearing after putting username and password.
It worked without any problems and gave me more assurance and protection working with Oracle Cloud Infrastructure.
A couple of things worth to mention. The new native multi-factor authentication works only for OCI users and doesn’t work for federated and SSO users. And the second thing is to be careful trying other non-oracle mobile authenticators. When I tried the Google one it allowed me to enable the authentication but I was not able to log in after that. Luckily your administrator can disable the feature and you can try it again with correct authenticator software.