Universal 2nd Factor (U2F) Badly Needed ASAP
We have already set up multi-factor authentication, but since SMS-based 2FA is not 100% secure and becoming less so by the day, we would like to move to U2F, which is currently 100% secure. If you are unfamiliar with U2F, here's a link that may help: https://krebsonsecurity.com/tag/u2f/
Redtail’s Product Owner has read the suggestion and there is some internal discussion needed in order to determine next steps.
This suggestion is remaining open and can continue to gather votes and comments!
-
Dustin commented
It's been over two years since anything has progressed here. SMS and voice-based 2FA is *still* not real 2FA. I understand why these methods are allowed; I don't understand why they are the *only* MFA methods allowed.
TOTP-based 2FA (e.g. Google Authenticator) is the minimum these days. Redtail still doesn't have it. U2F and FIDO are quickly catching on too.
It might be a little different if Redtail had good SSO integration, but they don't have that either. You can use Redtail to log in to other things, but not the other way around. If Redtail allowed easy-to-set-up SSO, you could just log in to Redtail with your Microsoft 365 account, or Google account, or whatever, and have all the protections (including MFA, conditional access, etc.) and one less password to remember.
-
Dustin commented
It's been over a year. Any updates?
-
Trevor Forrest commented
We really need to have this as a broker-dealer and RIA, as well as a Redtail platform partner.
-
Dustin commented
Agreed 100%. Also, SMS-based 2FA is not actually two-factor authentication; it is two-STEP authentication.
With SMS-based codes, if our hourly employees access Redtail they have to use a PERSONAL PHONE for work purposes.
Redtail could at least implement TOTP-based 2FA. It is not as good as U2F/FIDO and FIDO2, but it is much better than SMS-based verification codes.