Fortinet 2FA Requirement: What your organization needs to know

July 08, 2024 | Victoria Savage

The popular VPN and firewall service provider, Fortinet, is taking a strong stance on security by enforcing the adoption of two-factor authentication (2FA) across its entire user base. Learn about the new Fortinet 2FA requirement and how to get your organization ready before the deadline.

What is the Fortinet 2FA requirement?

Starting on July 24, 2024, all Fortinet customers are required to have two-factor authentication (2FA) enabled on their accounts. This requirement applies to all types of users, including master users, sub users, IAM users, and organizational unit users.

If 2FA has not been enabled by the administrator by the cutoff date, Fortinet has said it will automatically configure 2FA on accounts. The default method will be Email OTP, and if users no longer have access to the email address on file for their Fortinet account, login complications could arise.

Why did Fortinet introduce a new 2FA requirement?

Fortinet has stated a commitment to higher security standards, and cited two-factor authentication as a necessary tool to achieve strong security that protects people and organizations from malicious actors.

This is in line with guidance from the National Institute of Standards and Technology (NIST), which recommends implementing two-factor authentication, also known as multi-factor authentication (MFA), to prevent cyber attacks. Research shows that MFA can prevent up to 99.99% of attacks caused by compromised accounts.

Companies have been under pressure recently to take a stronger stance on enforcing MFA, as cyber threats continue to escalate. The cloud data warehouse company, Snowflake, is being criticized for poor MFA management controls that caused a damaging attack, which has seen cascading breaches ripple through the supply chain.

Fortinet’s new MFA enforcement rules will ensure better baseline security for all its customers.

How can I set up 2FA for Fortinet?

Fortinet has released the following steps to enable 2FA:

  1. Download the FortiToken application on Google Play or the Apple Store.
  2. Take the following steps to enable 2FA:
  3. Open https://support.fortinet.com and log in.
  4. Select Account at the top-right of the portal and select Security Credentials.
  5. Select Two Factor Authentication in the navigation pane to open the Two Factor Authentication page.
  6. Select Edit and Enable Two Factor Authentication.
  7. Select the 2FA option of FortiToken.
  8. Verify the account password and select Submit.
  9. Select Test Token Now to verify 2FA has been enabled.
  10. Enter the security code and select Submit. (Note: A dialog opens if the test is successful.)
  11. Log in using the proper credentials and use FortiToken to verify the account.

What are my other 2FA options?

If you want more flexibility and control over 2FA for your Fortinet appliances, you should consider a third-party 2FA/MFA solution.

Third-party 2FA tools allow administrators to centrally manage 2FA operations across all their applications and services. End users can log in everywhere with the same 2FA token, eliminating friction and confusion when it comes to logging in, and reducing help desk calls.

Third-party 2FA solutions also offer additional authentication methods other than just software tokens and email one-time passwords. You can choose from a wide range of methods that work for your end users.

Try LoginTC 2FA for Fortinet

If you’re interested in trying a third-party 2FA solution to meet your Fortinet 2FA requirement, then LoginTC might be right for you.

LoginTC is an easy-to-use 2FA solution that connects seamlessly to your Fortinet appliances, and leverages your existing environment and user information for a fast deployment.

Start a free trial today to get started.