Multi-Factor Authentication (MFA)

Owned by Roxy Sanchez
Dec 08, 2022

Does your organisation enforce multi-factor authentication (aka MFA and sometimes referred to two factor authentication, 2FA) on all remotely accessible services (both within your internal IT systems and on third party services)?

Where available, MFA is in use for our systems and enforced on all critical systems such as AWS. If MFA is unavailable, we will always seek to use Single Sign On via Google. If neither MFA nor Single Sign On is available, employees are required to store unique and complex passwords in their 1Password application.

For the Commonplace product, two factor authentication is in place for account creation via a personalised link in invitation email, but not on login. A new multi-factor authentication solution is on the roadmap and will be developed in the future.