Protectimus for OWA & EAC
We've created an installer that helps to set up OWA two-factor authentication (Exchange 2013, 2016, 2019) and Exchange Admin Center (EAC) in just a few minutes.
Exchange Server 2013, 2016, 2019
Easy integration
Direct protection for Exchange
2FA for Exchange Admin Center
Group Policies Configuration
Supports OCRA Algorithm
OWA 2-Factor Authentication: Two Options
We offer two solutions for protecting access to Microsoft Exchange Outlook Web Access and Exchange Admin Center with multi-factor authentication
Set up two-factor authentication for Outlook Web App (OWA) or Exchange Admin Center (EAC) using the Protectimus OWA 2FA component. For hassle-free integration, download the installer and setup instructions below.
Set up two-factor authentication directly in Active Directory using the Protectimus DSPA (Dynamic Strong Password Authentication) component.
- configure two-factor authenticationfor Outlook Web App and Exchange Admin Center exclusevely, multi-factor authentication will not be activated for any other services connected to Active Directory
- use either Protectimus Cloud Multi-Factor Authentication Service or Protectimus Local MFA Platform
- configure group policies during installation
- activate two-factor authentication only for the selected Active Directory group;- set the frequency with which users will enter one-time passwords to continue working with OWA, for example, every 12 hours
- use any 2FA tokens for OWA and EAC two-factor authentication – HOTP, TOTP, or OCRA OTP tokens.
After deploying the Protectimus DSPA component in your infrastructure, users’ passwords in AD will consist of two parts: a static part (the user’s standard password) and a dynamic part (a temporary password generated using the TOTP algorithm; the password change interval can be set by the administrator). A sample password of this type might look like “Password123456”, where “Password” is the static part, and “123456” is the dynamic part. A strategy like this enables you to deploy two-factor authentication for all systems connected to Active Directory at once, including Outlook Web.
To use the Protectimus OWA component for multi factor authentication in OWA Webmail login, all you need to do is select a payment plan in our SaaS service. If you need it, the server component is also available as an on-premise platform. Additionally, with Protectimus OWA, your Web Outlook users will be able to use any one-time password delivery method, from email and SMS to hardware tokens.
If you choose the Protectimus DSPA component, you’ll also need to purchase the Protectimus on-premise platform (for which prices start at $199 per month). The range of compatible tokens is more limited: for Microsoft multi-factor authentication via Protectimus DSPA you can choose the Protectimus Smart app, messaging service chatbots, or special hardware TOTP tokens produced only upon request.