OneLogin Protect (formerly OTP) 3.3.2 provides administrators with the option to prevent users from using OneLogin Protect on a jailbroken device. We have also enhanced security by preventing clones of the OTP seed from one device to another.
If administrators choose to enable this option, users will see the following message when they attempt to install or use OneLogin Protect on a jailbroken phone:
Your phone appears to be jailbroken. OneLogin Protect has been configured to deny support for jailbroken phones. Contact your administrator for help.
Why are we adding this option and recommending it strongly? For second-factor authentication with OTP to provide a strong second line of defense against intrusion, the device that hosts the OTP app must itself be secure.
On your phone, go to the App Store.
- Select Updates from the menu.
Find the OneLogin OTP or OneLogin Protect app in your app list.
- Click the Update button.
To enable the Passcode requirement, go to Settings > Authentication, select OneLogin Protect from your existing factors or click New Auth Factor to add it, and select Block jailbroken devices when you configure OneLogin Protect.
For more information about OneLogin Protect, see OneLogin Protect for iOS.