RADIUS: Security Best Practices

The Big Picture

For the best results, don't forget to implement Control Center Security Best Practices, HYPR Passwordless Security Best Practices, and HYPR Mobile App Security Best Practices.

HYPR recognizes the RADIUS-BLAST vulnerability in legacy MD5-based RADIUS protocols.

To enhance security, restrict RADIUS/UDP traffic between RADIUS clients and the HYPR RADIUS Server to a management VLAN with limited access inside your organization. This approach reduces the attack surface and is preferable to exposing UDP traffic to a broader network or the open internet.

HYPR plans to support more secure RADIUS protocols in the future. Please contact your Customer Success representative for more information.