Secure your remote access environment against credential theft by implementing robust two-factor authentication (2FA) using One-Time Passwords (OTPs). This essential security feature requires users requesting access to enter a unique OTP token sent from the authentication service to their RSA device. Implement this 2FA mechanism across your GlobalProtect® portals and gateways to ensure comprehensive protection

By default, the app reuses the same credentials used to log in to the portal and gateway. In the case of OTP authentication, this behavior causes the authentication to initially fail on the gateway. The resulting delay in prompting the user for a login often leads to the time-sensitive OTP expiring before it can be entered. To prevent this, you must configure the portals and gateways that prompt for the OTP instead of using the same credentials on a per-app configuration basis.