Multi-Factor Authentication in the DWP Hosting Portal

Owned by Joe Robson (Unlicensed)
Last updated: May 14, 2019
1 min read

As part of our ongoing programme of security improvements on our hosting platform, we are updating the sign-in process with the following improvements: 

SMS: this option may be more convenient for people working in areas with a weak or intermittent mobile phone signal; as an alternative to an incoming phone call, you can choose to receive your one-time passcode by SMS to your mobile phone.  

Don’t ask again for 60 days: Upon successful authentication, an HTTP cookie is stored on the client device for 60 days removing the need to interactively perform 2-factor authentication on every login from that device. The HTTP cookie is a valid 2-factor method as it is something the user ‘has’ as opposed to something they ‘know’. 

Source IP filtering: Authentication can be denied based on the source IP address of the person connecting, which can be used to restrict access to just your corporate network or VPN. Please contact Pellcomp Support If you require this additional layer of security. 

Pellcomp use Microsoft Active Directory Federation Services (ADFS) to provide single sign-on access to our hosting environment. ADFS intercepts requests to URLs for the Hosting Portal, Remote Desktop Gateway and Web Applications, requiring 2-factor authentication before granting access to the requested resource.