If you’ve heard that 80% of all data breaches are related to passwords, then you understand the need for two-factor (2FA) or multi-factor authentication (MFA). However, while you want to protect your users and data, you don’t want a convoluted solution that creates more problems than it solves.
So which 2FA/MFA tools do MSPs really use and recommend? James Forbis who provides IT consulting in Cincinnati shares his research.
Duo, which is now owned by Cisco, comes highly rated by multiple MSPs. In fact, some MSPs believe you’d have to be a fool to use any other tool, which would be inferior. Instead of setting up authentication built into multiple platforms, you can rely on Duo as your singular, easy-to-use, solution that integrates via API or SAML. Should you need to revoke authorization for a user, you can simply disable their Duo account. In fact, you can use Duo as a single sign-on (SSO) platform if you’d like. Duo offers a 30-day free trial, so you can see why everyone likes it so much. However, not everyone can afford Duo, which is why you might explore the 2FA options below.
Secret Double Octopus
Secret Double Octopus offers “passwordless” cost-effective, multi-factor authentication whether logging in through the cloud or on-premise. You can protect your assets while offering access to authorized users. The developers focus on legacy applications that may not be protected by other 2FA tools. Secret Double Octopus advertises its compatibility with any VPN in addition to a staggering number of integrations, including Okta. Just as staggering, Secret Double Octopus can be set up for over 10,000 users. You can also use it as an SSO portal, too.
If you struggle to find a compatible 2FA solution for the apps you use, check out Okta. This “Identity Cloud” works with every app thanks to API access, and you can use it to manage both employees and clients. You can apply adaptive multi-factor authentification to both workforce and customer identities. From security questions all the way to biometric sensors, Okta has plenty of options that work right out of the box with even more options once you customize it. Provide employee access to any server via the cloud or set up B2B integration for your clients via Okta. And if you think it’s difficult to set up, think again. Okta is designed to work out of the box with your existing SSH and RDH tools; although, you can certainly customize it to work with other APIs.
While some solutions on this list are password managers that offer multi-factor authentication that can be used by MSPs, Myki’s advertised as a password-management and 2FA tool specifically for MSPs. Choose whether you want to use Myki internally, as a reseller, or deployed across your customer base. That flexibility benefits from the user interface, a single location where you can manage both internal and external passwords. Myki promises the security of an offline password manager and the convenience of a cloud solution.
Keeper has options for businesses, enterprises, and MSPs; although, it’s not the best-known 2FA solution on this list. Keeper is originally a password manager that generates secure passwords for users and stores them in individual password vaults, reducing the need to remember or reset passwords. Keeper includes the option for administrators to force two-factor authentication. Keeper also has a folder sharing function and offers secure storage.
Although 1Password doesn’t have an option for MSPs, the business plan may be an affordable option for MSPs that only have a few users. It starts at $7.99 per user per month. Each of those users can easily be grouped with others or assigned custom roles. Administrators can force multi-factor authentication and create security rules based on IP addresses or locations, which makes 1Password a convenient option. Other useful features of 1PAssword include the ability to check if an email address has been part of a data breach and user data logs. If you like the features of 1Password, it works well with Duo, Okta, and Active Directory.
There are always other 2FA solutions to consider if the ones on this list don’t meet your company’s or client’s needs. These are simply the most commonly recommended 2FA tools by other MSPs.