Annoyed that in running .28 I have to constantly say "No Thanks" every time to the 2FA authentication setup request. It's ridiculous you can't turn off the prompting for that on a per user basis.Now in the Roadmap discussions, it looks like Kaseya wants to make 2FA mandatory. How short-sited.
We run Kaseya internally, on a private network, multiple firewalls, to manage our internal network of ~220 machines/servers.
We have no need or desire to run 2FA.
Oscar, can you provide additional insight? And what do other customers think?
Need to know if I should start evaluate a different remote management suite.
Honestly I'm sorry but even internally with the power that the VSA has, I completely agree with their decision to require 2FA...
I would agree that 2FA needs to be enforced, but I would like to see them get the 30 day remembered device options working and or add some other authentication options like SAML.
Forget just 30 days. How about simply a trusted device?
I would prefer integration with O365 MFA, just because i could event control the authorizations easily with Azure.
I guess you don't use backup either on your devices because your network is impenetrable. Not the 1st MSP getting hacked.
The on-prem setup for remember devices will let you select 'Never Ask Again' but they have some issues/bugs with that to work out. Our current 30 day setting only lasts about 1 day.
We have not received negative feedback regarding this. If there are suggestions to our native/passly 2FA functionality with VSA, we definitely welcome that.
Sometimes it remembers me most of the time not. I can log out of a PC, come back an hour later and I am asked to authenticate again even if I check remember me.
I have 17 (just counted them) different accounts that require 2FA. It's become a way of life. Sure, it's an extra step, but I much prefer doing 2FA than explaining to the FBI, a hired cyber-security team, and Executive Management that reason I didn't have mandatory 2FA setup was because I was lazy. Don't *ever* assume your K server is totally secure because your smarter than some genius, state sponsored threat actor. Be humble. It will serve you better.