When receiving Email Scout Reports, the client wants the email users to have to authenticate using their email user passwords when viewing the content of the message. This is in case the messages are false positives that contain confidential information to stop unauthorized access to these messages.
When a user sets up two-factor authentication in Mail Assure, there is no recovery code given after finishing setup. When logging into Mail Assure, there is no prompt for a recovery code, and nowhere to put in a recovery code in case a user encounters issues with 2FA. After a user sets up 2FA for their login, they have a button which provides them with Backup Codes in case they encounter issues with 2FA (this provides ...more »
Would like to see the Pingid product by https://www.pingidentity.com integrated for 2 factor authentication when logging into N-Central.
The fact that enabling 2 factor support for the product admin disables the ability to login to the port 10000/admin page is a huge security problem. Second to that the fact that having two factor enabled locks out the product admin when the password expires and needs changing is a major problem as well. We shouldn't have to resort to either turning off 2 factor or contacting support to unlock our accounts everytime ...more »
It would be nice if there were an option to have the verification code text to my phone number rather than sent to a smartphone app. Having to open my phone and then the app is slightly clumsy. I'd rather MSP 2fa work similar to Google App and Office 365 2fa, with a simple text msg.
Please add a setting which allows you to set the desired session timeout value. For instance, it would be great to be allowed to be logged in for one working day even if you don't click around every two minutes. This is the same request that's was made for the MSP Service Desk. As the administrator of the portal I would like to have control over the log out time. I assume the risk if I change away from the default setting. ...more »
i was told that the App will not work with accounts with two-factor turned on. i would like to see this completed.
it is security risk not to have the two-factor and in order to get my techs access on the mobile app i either have to turn it off or create a new user with out it.
this is not an acceptable option, and i cannot understand how it was overlooked?
We've been able to provide access to client dashboard in the past without clients needing to remember their credentials. With the Single Sign-On through https://www.navigatorlogin.com/ an authentication token is generated.
We need to be able to generate or retrieve this token via an API call. User credentials and Authentication token are now both required.
DUO offers a push option which allows you to simply select "Approve" or "Deny" on the phone rather than to gather an ID to be typed in on the dashboard web interface.
This would be a much simpler option for 2-factor authentication.
You can see more information about how this works here:
On newer agents (9.8.5 in particular), when you run it locally, it has the username filled in already. I used the Remote Worker site installation package on a system, then ran the Agent locally and it showed the email/login for our main Agent Key username. I logged in with my credentials, then the next time I ran the Agent it had my email/login stored.
The username box should be blank by default.