2 Factor Authentication

Related products: User Management Apps and Integrations

We would love to see 2 factor authentication added to Guru. This is becoming a requirement across our company for all applications we use. It brings an extra level of security which is extremely important in our hybrid and remote world.

Thanks for the suggestion @Allison Lempa!

At the moment, this is not something we are considering implementing natively. Because single sign-on (SSO) is included with all Guru plans, we recommend 2FA be implemented through your SSO provider for additional security.

I hope that is helpful context, but please let me know if you have any additional questions!

Updated idea statusOpenWon't Do

This is very unfortunate. There are a whole set of different challenges around SSO implementation which make it all the more difficult to collaborate with external parties. I know because I’ve done this many times in our organization. SSO is great if you are only using the platform internally, but when you also want to share externally using the domain allowlist you have built into your platform, have 2FA makes things work a lot more smoothly with external folks. Could you please re-consider your stance on this? It’s not hard to implement, and in fact even if we have the option to implement SSO, not everyone does, therefore by not having 2FA in your platform you might actually be increasing security risk by not implementing it. Happy to discuss in more detail anytime.

Thanks for sharing the specifics for your setup @DEREK ARSENAULT. I can see how the current option isn’t ideal for you. To offer some clarity, in this case the “Won’t Do” doesn’t necessarily mean that we’ll definitely never ever do this. Instead, it’s to show that at this point, we believe the SSO option works for most of our existing customers and prospects and we have no plans to add 2FA in the near term future. We didn’t leave the post as “Open” because it might have indicated that we don’t yet have a clear position on upcoming work related to this area, but I will update the status to “Open” in case others in the Community have similar use cases they would like to share. 

Updated idea statusWon't DoOpen

Thanks @Jon Saft please let me know if you would ever like to have a call to discuss. I can share more specifics on the use-cases / scenarios.

The following idea has been merged into this idea:

All the votes have been transferred into this idea.

The following idea has been merged into this idea:

All the votes have been transferred into this idea.

I feel like this should be a higher priority. It’s an easy implementation that will help increase security. We are soon making it a requirement that all applications need to have 2FA/MFA and I would hate to have to migrate away from a great platform because of something like this. SSO is not an option for everyone and the amount of industry information that gets put into our KB makes it very valuable for us to protect.