User authentication methods and modesΒΆ

User authentication methods

Before establishing connections with server, Fudo authorizes user using one of the following authorization method:


External authentication servers CERB, RADIUS, LDAP and Active Directory require configuration. For more information, refer to the External authentication topic.

Authentication modes

After authenticating the user, Fudo proceeds with establishing connection with the target system using original user credentials or substituting them with values stored locally or fetched from a password vault.

Authentication with original login and password

In this authentication mode, Fudo uses login and password provided by the user upon logon to authenticate the user on the target system.


Authentication with login and password substitution

In this authentication mode, Fudo substitutes user login and password with previously defined ones.

Authentication with login and password substitution enables precise identification of the person who connected to the server, in case a number of users use the same credentials to access the server.



The password to the target system can be either explicitly defined in the account or can be obtained from internal or external password vault upon each access request. For more information, refer to the Password changers and External passwords repositories topics.


In case of Oracle database, the user password and the privileged account password must be both either shorter than 16 characters or 16-32 characters long.

Two-fold authentication

In two-fold authentication mode user is asked for login and password twice. Once for authenticating against Fudo and once again to access the target system.

Related topics: