Idea

2FA - 2 factor authentication

  • 7 October 2020
  • 11 replies
  • 1442 views

Userlevel 4
Badge

Hi, I would love to increase login security by enabling 2FA (2 factor authentication). For example through Google Authenticator, Authy, etc.


11 replies

+1. We’re a small team (<20) but require 2FA for cloud services as a basic security measure.

I get why SSO is an enterprise feature (you got bills to pay like the rest of us), but could you add the means to use and require 2FA to the team/professional plan? Simple app type integration would be fine, though proper SAML would be ace so that we can use Duo or the like.

+1. 2FA for the team/professional plan would be amazing.

2FA for accounts should be a mandatory feature for any SaaS. We don’t necessarily need centralized management for it (e.g. enforcing all team members to turn it on), which can be kept on the enterprise plan. 

We really need 2fa to be part of basic package

2FA really needs a theme, especially when a user can create a password for himself 12345678 and no one can forbid him, 2FA should be on all plans starting with TEAM. It is strange that Miro does not have a strict password policy, not 2fa, apparently it has not been hacked for a long time. I hope it will be implemented soon.

Badge

You need to fix this. This is a major vulnerability and 2fa should be standardin 2021!

Badge

We’ve asked everyone on our team to sign in with a federated account, for us we use Azure AD so we all authenticate using the orange O icon.

By using federation our IT team can remove access when needed and they are able to enforce 2FA wherever we use our work credentials. I imagine if you use Google Workspace(?) for accounts then you can probably do the same. Join the team using your work Google Accounts and remove your local Miro account. Enable 2FA in Workspace. Use 2FA when you authenticate.

It does need someone to catch those people who sign up with local accounts however for us using AAD we have a public domain alias for our emails so we can see easily those members of the team that accidentially joined using their public email address and prompt them to use their federated account instead.

It’s not SSO but federation is close enough for us just now. We can manage and enforce the policies we need –including 2FA.

+1

Userlevel 1

This urgently needs to be a added as a basic feature.

+1 for this request.

 

Not having 2fa creates a real security risk for teams using Miro and means that we have to spend a lot more time clarifying what sort of information should be stored on the platform...ultimately it limits our use of the platform.

You need to fix this. This is a major vulnerability and 2fa should be standardin 2021!

+1 Totally agree

Reply