Skip to content
Last update: 2022-07-05

Sophos Firewall and third-party authenticators

You can use an authenticator application, such as the Authenticator feature of Sophos Intercept X, Google Authenticator, or any other third-party application to authenticate with Sophos Firewall.

Warning

Sophos Authenticator is reaching the End of Life (EOL) on July 31, 2022. Users setting up multi-factor authentication for the first time can no longer download Sophos Authenticator. They must use another authenticator application, such as the authenticator feature of Sophos Intercept X, Google Authenticator, or any other third-party application. Users already using Sophos Authenticator can continue using it. However, we recommend these users migrate to another authenticator application. See Migrate to another authenticator application.

The following table shows your sign-in options when using Sophos Firewall as a multi-factor authentication (MFA) server, and you use third-party authenticators. In these examples, you configure one-time passwords (OTP) on Sophos Firewall.

Login facilities Google Authenticator

(Android, iOS)
Duo Mobile

(Android, iOS)
Okta Verify

(Android, iOS)
Microsoft Authenticator - Azure MFA

(Android, iOS)
User portal Password and OTP Password and OTP Password and OTP Password and OTP
Web admin console Password and OTP Password and OTP Password and OTP Password and OTP
SSL VPN (remote access) Password and OTP Password and OTP Password and OTP Password and OTP
IPsec (remote access) Password and OTP Password and OTP Password and OTP Password and OTP

Restriction

On iOS and Android, the QR Code scan doesn't work with the Okta application. To add an account, enter the BASE32 secret manually.

On iOS, the QR Code scan doesn't work with Google Authenticator, Duo, and Microsoft Authenticator. To add an account, enter the BASE32 secret manually.

More resources

Back to top