Kaseya Community

Roadmap - Re: Mandatory 2FA

  • Annoyed that in running .28 I have to constantly say "No Thanks" every time to the 2FA authentication setup request. It's ridiculous you can't turn off the prompting for that on a per user basis.

    Now in the Roadmap discussions, it looks like Kaseya wants to make 2FA mandatory. How short-sighted.

    We run Kaseya internally, on a private network, multiple firewalls, to manage our internal network of ~220 machines/servers.

    We have no need or desire to run 2FA.

    Oscar, can you provide additional insight? And what do other customers think?

    Need to know if I should start evaluating a different remote management suite.

  • Honestly I'm sorry but even internally with the power that the VSA has, I completely agree with their decision to require 2FA...

  • I would agree that 2FA needs to be enforced, but I would like to see them get the 30 day remembered device options working and/or add some other authentication options like SAML.

  • Forget just 30 days. How about simply a trusted device?

  • I would prefer integration with O365 MFA, just because I could even control the authorizations easily with Azure.

  • I guess you don't use backup either on your devices because your network is impenetrable. Not the 1st MSP getting hacked.

  • The on-prem setup for remember devices will let you select 'Never Ask Again' but they have some issues/bugs with that to work out. Our current 30 day setting only lasts about 1 day.

  • We have not received negative feedback regarding this. If there are suggestions to our native/Passly 2FA functionality with VSA, we definitely welcome that.

  • Sometimes it remembers me, most of the time not. I can log out of a PC, come back an hour later and I am asked to authenticate again even if I check remember me.

  • I have 17 (just counted them) different accounts that require 2FA. It's become a way of life. Sure, it's an extra step, but I much prefer doing 2FA than explaining to the FBI, a hired cyber-security team, and Executive Management that the reason I didn't have mandatory 2FA set up was because I was lazy. Don't *ever* assume your K server is totally secure because you're smarter than some genius, state-sponsored threat actor. Be humble. It will serve you better.