Blog
Recent
bg
Security Tips

Protect Your VPN Access with Multi-Factor Authentication

LastPassJanuary 18, 2021
Protect Your VPN Access with Multi-Factor Authentication
With remote work steadily on the rise over the past several years, Virtual Private Networks (VPN) have become an essential tool for organizations around the worldThey provide easy access to and remote control of core business services on the corporate network from outside the office.  As employees continue working from anywhere, VPNs are increasingly used by businesses for everyday tasks. But the same qualities that make VPNs attractive to businesses and their employees – ease of use, single point of access, and secure transmission of data – also make them a target for cyberattack. Insecure home routers, phishing attacks, ransomware and more can all provide an opportunity for hackers. With just one set of stolen credentials or a computer compromised by malware, a hacker can gain access to sensitive data on the corporate network and escalate privileges within the network.

Multi-factor authentication doubles the layer of security for VPNs

The challenge with VPNs is that they don’t require much to verify that an employee is who they say they are. Given that traditional passwords as the leading cause of data breaches, it’s all too easy for them to be stolen or guessed. The best way to mitigate the risks of a VPN is to enable multi-factor authentication (MFA). Multi-factor authentication requires two or more factors in the login experience prior to gaining access. With MFA, after employees enter their credentials to connect to the VPN, they will also be prompted to provide an additional authentication factor to verify their identity. The additional authentication factor is information only an employee could provide – like a face ID, or access to a personal smartphone – thwarting any potential hackers. MFA for VPN is critical to security, especially for a remote workforce.

Securing your VPN with LastPass MFA

LastPass Multi-Factor Authentication adds an additional layer of security with MFA across single sign-on applications, workstations and VPNs With LastPass MFA, IT teams can configure a VPN through the Admin Console and assign the VPN to employees. Once assigned, employees will be prompted for MFA when logging into the VPN which mitigates the risk of fraudulent logins. MFA on VPN adds additional security for the business, without added complexity for employees.
  • Secure access from anywhere: Empower employees to access critical business resources on the corporate network to productive, without compromising on security.
  • Mitigate the risks of remote work: Protect every login with seamless MFA to thwart unwanted and fraudulent login attempts.
  • Increased security, without the complexity: Add an additional layer of security to VPNs without slowing employees down.

MFA for VPN via the Universal Proxy

MFA for VPN is made possible through the LastPass Universal Proxy, which supports both RADIUS and LDAP authentication protocols. The LastPass Universal Proxy extends the reach of LastPass MFA to applications hosted on-premises, such as VPNs. The proxy software, installed within your infrastructure, receives authentication requests from LDAP and RADIUS applications, and coordinates 2nd factor authentication through LastPass' cloud-based Multifactor Authentication Server. The Universal Proxy supports customizable authentication rules, allowing the administrator to decide whether to require primary authentication with the LDAP or RADIUS server. View our list of supported VPN manufacturers:
  • Cisco
  • F5
  • Fortinet
  • Palo Alto Networks
  • Pulse Secure
  • SonicWall
  • OpenVPN

Go beyond password management with LastPass Premium

Experience complete protection of your digital life with LastPass Premium for only $3/month, billed annually, or $36/year. Start your free 30-day trial today!