Digital Exchange Community

 View Only
last person joined: 15 hours ago 

This community is a place to discuss Blue Prism DX assets and development.

Just Say "Yes" to Multi-Factor Authentication

By Paul Nerger posted 02-28-2022 10:43


What is Multi-Factor Authentication?

Multi-Factor Authentication (MFA) is a common technique used by IT departments to secure access to applications.  MFA encompasses Two Factor Authentication or 2FA and is an authentication method that grants access to websites or applications only after the user presents two or more pieces of evidence (or factors) of who they are.  MFA protects user data-which may include personal identification or financial assets-from being accessed by unauthorized third parties that may have discovered, for example, a single password.  It sounds more complicated than it is, so let me give you an example.

You probably have automation that login to applications or websites in which a six-digit code is sent to your phone by the server you need to enter to gain access.  That's Mult-factor Authentication.  The first factor is your user name and password, something you know; the second factor is your mobile phone, something that you have.  You don't get access to the system until you can prove you have your phone by entering the six-digit code sent to your mobile phone.

But there are other techniques.  RSA hardware tokens generate a time-based code to prove that you physically possess the hardware token; again, it is MFA.  Many services on the Internet, such as Office 365 and Google Apps, use software authenticators that comply with standards as their MFA.  Once MFA is enabled for an application or service, it is much harder to hack.  Typically, these approaches use standard-based Authenticator Apps such as Microsoft or Google Authenticator.  There isn't a hardware token, but an app stores software tokens to generate the codes.

But what do you do about MFA for a Blue Prism Digital Worker?

Well, you could tell the IT department to turn off the MFA security, but I wouldn't recommend that.  It will cause InfoSec professionals to go ballistic.  You might be able to build yourself an authenticator app, but that will be a lot of work.  Or, you can "DX before you DIY" because you might be surprised.

There are two Assets on the DX that will perform MFA.

  • Our great friends at Reveal Group have created 2-Factor Authentication, which generates six-digit Time-based One-Time Password (TOTP) for use on Google or Microsoft.  It's a popular DX Asset and is straightforward to use.
  • And, our own @Eric Wilson has created the Blue Prism Authenticator - 1.0.0, which generates token keys for Microsoft, Google, and many more apps.  Eric's new Asset requires more to set it up, but it is more flexible and can create keys at any length using either TOTP or HMAC-based One-Time Passwords (HTOP). 

So, the next time your automation needs to perform MFA or 2FA, just say, "Yes, of course, it's on the DX for download."

For more information on these two MFA Assets, just click on the links above which will take you to the DX.


Recommended For You

This content has been recommended for you based on your profile information (e.g. no. of digital workers & experience)

Please update your profile information to view recommended content

Welcome to the Blue Prism Digital Exchange Community!

The Blue Prism Digital Exchange is a "shop window" for new and emerging technologies—a platform that puts powerful RPA and AI capabilities into the hands of business leaders. Users can find and apply pre-built AI capabilities, in the form of downloadable integrations and Visual Business Objects (VBOs), to automated processes. These assets connect and integrate Digital Workers, existing systems and processes to Blue Prism's technology partners, creating a solid foundation of AI-enabled Intelligent Automation that's scalable and sustainable.

Blue Prism Digital ExchangeDX Asset IdeasContact DX Support


The Blue Prism Digital Exchange (DX) is an online marketplace where businesses can instantly access, apply and share pre-built AI, cognitive and advanced RPA technologies from best-in-class providers. These assets easily connect to existing digital workers, systems and processes to enhance automation capabilities.
The Digital Exchange is free to all users. Most of the content on the DX is free to download but there are some submissions that do have a cost associated. The submissions with a cost are advertised on the asset card and profile. No unwanted costs will be applied to any users.
You can visit and browse the Digital Exchange here. If you would like to consume or download any material it is necessary to create an account on the Blue Prism Portal first.
Everyone can access the Digital Exchange and consume the assets on it. If you would like to contribute to the marketplace it is necessary that you create an account and sign up as a partner.