Yubico Forum

I have successfully setup SAML/Yubico authentication for my Google Apps (Admin) account with info gained from:

http://wiki.yubico.com/wiki/index.php/S ... StepByStep

which allows me access to my Apps services via http://www.google.com/apps/intl/en/business/index.html

But I can also access the same Admin account (CPanel/Dashboard) via https://www.google.com/a/[domain]/

which only accepts authentication using a username and password!

How do I ensure that entry to the Admin Dashboard page also takes place vis SAML/Yubico authentication?

Many thanks in advance.

Bump!

Same issue here, could someone please advise? This is a major problem with using yubikey.

The admin panel is separate to user login.

It it designed to allow access without SAML (how else can you login if your SAML has gone bad?).

My suggestion would to be use a long complex password for Admin Panel access, and limit the number of administrators.

I have found myself if you login, then click the "Manage this domain" link, you don't need to re-authenticate.

Remember with Google Apps, there are still some services that use your password, Yubikey is not an excuse to use poor passwords underneath. In the ideal world you would use your Yubikey with SAML as a two factor authentication, this way you get the benefits of OTP plus something you know.

Cheers,
Arron

http://www.totali.co.nz/