×

Selectively enabling multi-factor authentication for managed devices

  • US 9,866,546 B2
  • Filed: 10/29/2015
  • Issued: 01/09/2018
  • Est. Priority Date: 10/29/2015
  • Status: Active Grant
First Claim
Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed by the at least one computing device, being configured to cause the at least one computing device to at least:

  • receive an authentication request for a first client application executed in a managed client device, the authentication request including a first authentication factor corresponding to a management single sign-on (“

    SSO”

    ) credential wherein the SSO credential is downloaded to the managed client device during or after enrollment with a device management service;

    determine a version of an operating system of the managed client device;

    determine, at an identity provider service separate from the managed client device, whether at least one second authentication factor should be requested when the version of the operating system corresponds to a particular operating system version; and

    in response to determining that the at least one second authentication factor should be requested based on the particular operating system version;

    request the at least one second authentication factor from a second client application;

    receive the at least one second authentication factor from the second client application; and

    authenticate the first client application in response to verifying the first authentication factor and the at least one second authentication factor.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×