Secure Authentication Series




All About Mobility and Dynamic Security

Identify True Users


Grant access to classified information to true users with a user friendly and configurable policy. 

Authentication For Different Server 

Flexible and robust design for different server for greater operation. 

Audit Record


Perform Audit with detailed information of log trails, event, token used and all other authentication process.

Enforce Password Policy Using 2-FA


Whether it's mobile or hardware token, Emgraft 2FA & AAA can do PIN Code via SMS, email, Telegram, Soft Token and more.

Why Emgraft 2FA & AAA

Authentication for different types of servers

  • Radius.

  • PAM (Supporting offline OTP).

  • Apache2.

  • Wordpress. 

  • And more.

Enable authentication of users from different databases

  • SQL databases.

  • OpenLDAP.

  • Active Directory. 

  • SCIM Servers. 

Two (2) step verification methods using 2-FA 

  • PIN code via SMS.

  • PIN code via email. 

  • PIN code via Telegram mesanger.

  • Soft Token or Push Token.

  • x509 Certificate Token.

EMGRAFT 2FA has a number of features which are commonly found in RADIUS servers, and additional features which are not found in any other free software server.


  • Complete support for RFC 2865 and RFC 2866 attributes, along with a Vendor-Specific Attributes

  • Authorization types are some of the methods which are supported:

    • AD, LDAP, MySQL DB, PostgreSQL DB, Oracle SQL DB, IBM's DB2

  • Authentication types are some of the methods which are supported:

    • Clear-text password in local configuration file (PAP)

    • Encrypted password in local configuration file.


    • Authentication to a Windows Domain Controller (via ntlm_auth and winbindd).

    • LDAP (PAP only).

    • Kerberos authentication.

    • X9.9 authentication token (e.g. CRYPTOCard).

    • PEAP, EAP-FAST, EAP-TTLS, with embedded authentication methods.

 Emgraft 2FA & AAA in Action


Emgraft 2FA +AAA which is a 2- Factor Authentication (2FA) and “Authentication, Authorization and Accounting” is designed to protect and verify user data and credentials to access confidential data and implement SSO to sensitive application as password word is the first layer of defense in an infrastructure.



  1. The existing authentication system is not compatible with the application which poses a security weakness in data leak and cybersecurity attacks.

  2. Organization has no secure way of verifying true users to access confidential data.

  3. User password can be shared to other users over conversation.

  4. User may use common, default and predictable password.

  5. Attacker may install bugging program to record keystrokes the user enters.

Without AAA, a network must be statically con­figured to control access, IP addresses must be fi­xed, systems cannot move, and connectivity options should be well defi­ned. Even the earliest days of dialup access broke this static model, thereby requiring AAA. Today, the proliferation of mobile devices, diverse network consumers, and varied network access methods combine to create an environment that places greater demands on AAA.

Call us for Emgraft 2FA & AAA 


Free trial 

Get free trial &

IT consult with us. 

 Setting up?

Have a question ?

Call our specialist.


Be a reseller 

Join our affiliate program 

Free Materials 

Need to show Emgraft to your IT security team?

© Emgraft Systems Sdn. Bhd., 2021. All rights reserved.