Multifactor Authentication (MFA) needs more options

  • 2
  • Question
  • Updated 6 months ago
With most enterprise products, there are far more options for integration with multifactor authentication methods.  Specifically, Google Authenticator, DUO, RSA, simple email (although relatively weak), etc.  I only see the SMS/Voice option which has been deprecated by the NIST as a valid option since mid-2016.  Are the plans to put other MFA options in the near future?   I'd love to hear from a Sharefile Product Manager with thoughts/plans.

Given the amount of other topics already brought up (e.g. being able to see what users have enabled MFA, making MFA the default and/or enforced option, etc.), I think the authentication features of Sharefile need serious attention.
Photo of dungeoncrawl

dungeoncrawl

  • 28 Posts
  • 13 Reply Likes

Posted 6 months ago

  • 2
Photo of Renaud

Renaud

  • 18 Posts
  • 6 Reply Likes
Nothing stops you to use any of the MFA solution you mentionned above.
I usually use DUO with my ShareFile accounts, setup is easy.
Photo of dungeoncrawl

dungeoncrawl

  • 28 Posts
  • 13 Reply Likes
Can you elaborate?  Specifically for DUO, they talk about a necessary, separately billable "gateway" product that you have to purchase from them and deploy onsite.   Also, I don't see any way to configure simple email, Google Authenticattor, etc.   Would love to know how to set up all of these.
Photo of dungeoncrawl

dungeoncrawl

  • 28 Posts
  • 13 Reply Likes
Still see no way to make this work as Renaud mentions above.  Any guidance on the easy setup is appreciated. ;)
Photo of dungeoncrawl

dungeoncrawl

  • 28 Posts
  • 13 Reply Likes
I made mention of that product in my first response to you.  It's a separate product that you have to purchase, and then deploy in your environment.  Most products I've worked with have the ability to work with DUO, email, etc. right in the product without having to purchase additional products.  It's odd that a company as big as Citrix, with a widespread use product like Sharefile, doesn't have a "box to check" to integrate with DUO, email, and others.

Can you elaborate on your comment where you say "Nothing stops you to use any of the MFA solutions you mentioned above" regarding email as the second factor MFA?

Side Note:  Once we moved from the trial to the paid version, I now DO see the ability to enable Google Auth as a 2nd factor built directly into the product.  Nobody in support told me that even though my questions were "isn't there anything else built in other than SMS and voice?"  Their response was "No".  I'm thankful that Google Auth is in there natively.   It's that exact type of native integration with MFA that I'd expect to see with email, DUO, possibly others.