Two Factor Authentication
J
Jasmine Wildcat
Allow 2FA to be added to user accounts, rather than just Email/Social-based login.
Adam Laycock
Merged in a post:
Multi-Factor Authentication Support
B
Binding Chameleon
As a security conscious Canny user I'd like it if MFA/2FA was available as this would reduce the risk of unauthorised access to our company's Canny space. I know there was a topic from six or seven years ago, but I figured after so long without any updates, it would be acceptable to create a new one.
Andrew Rasmussen
Promise we'll get to this someday, not sure when yet though. Definitely if we decide to focus on enterprise / larger customers.
Curious, do you prefer 2FA via a third party app like Authy / Google Authenticator or simple SMS? I find the SMS so much easier and simpler but want to survey you since you're interested in using the feature.
B
Bittersweet Macaw
Andrew Rasmussen: 6 years have gone by but 2FA isn't available yet, while it is "industry standard" right now. Both SMS and third party app are fine. Combined is the best (SMS as fallback for example).
C
Citrine Cobra
Andrew Rasmussen: MFA is sorely needed - it's a basic security requirement, there's no longer any excuse.
It should be app-based SMS authentication is insecure and provides far less of a security benefit.
Andrew Rasmussen
Citrine Cobra, Bittersweet Macaw: I also really want this feature for Canny – hoping to get to it by end of year but can't make any promises quite yet.
B
Binding Chameleon
Andrew Rasmussen: I'm glad this is something that is still on the agenda. I know it can be hard juggling customer requests... I mean, obviously it's hard - that's why Canny is such an awesome tool!
Anyway, 2FA would be a fantastic addition, ideally using an app as it's the more secure approach.