[Updated 12/7/2021 - Clarity regarding MFA]
Hi, everyone -
We wanted to give you a heads up about a new Sophos Central login experience that will be launching early next year.
Beginning in mid-January when logging in, users will enter only their email address, at which point one of three things will happen depending upon their federation status:
We plan to gradually roll out this new login experience starting in the middle of January, with the goal of completing the rollout by the end of January.
You actually "experience" the change in the way that the sequence and look of the screens are changed to accomodate the inclusion of many IDP (before you actually enter a password) - so it will be a similar "experience" like a Microsoft account login
I understand that MFA is a superset of 2FA, but that doesn't really address the point I made. Is SOPHOS planning to integrate MFA with more providers like DUO to enable push notification/authentiation? This latest announcement suggests that we can use an identify provider like DUO or Microsoft or Google. I'm looking forward to hearing the details.
MFA (multi factor auth) is a superset of 2FA (two factor authentication. You could have >2 factors required for auth depending on the security requirements of the system following the basic idea of 'something you know, something you have, something you are' from the original paper: www.cs.cornell.edu/.../NNLauthPeople.html
Will this finally allow federated users to do a Live Response? The recommendation of using a non-federated account is not ideal.