Now this isn’t something new, but I thought that the description of what some banks do to secure your login is a good one.  We aren’t all banks, and we don’t all have the resources (or the incentive) to implement such risk-based systems, but the point here is that banks do see value to 2FA, even if they aren’t sending you tokens to use to log in.

There are many approaches to 2FA.  The most basic ones generally require you to enter two things directly, such as your PIN and YubiKey, to log in. But this isn’t the only way to do things, and as the banks show, it isn’t always the most desirable, either.  You have to know your users as well as what they are accessing to make proper decisions on what type of 2FA to implement.

GreenRADIUS is designed to assist in providing 2FA for your users, either internal or external.  This 2FA can be integrated in many places, from remote access systems such as a VPN or remote desktop environment to your website.  We believe that you should be able to implement 2FA smartly and cost-effectively, with a low barrier to use.  So even though it isn’t hidden, it doesn’t get in the way.  In the end, if your users won’t accept it, then it only makes their job more difficult, and doesn’t really enhance your security.