Two factor authentication

Planned

Comments

64 comments

  • Official comment
    Sara Høeg Højlund-Rasmussen

    We now support two-factor authentication for new customers using Podio in a Citrix bundle: http://blog.podio.com/2017/03/20/security-features/ 

    New customers (signing up from today) will have the ability to leverage ShareFile’s extensive security features and Single Sign-on to manage their employees on Podio.

    All you need is a ShareFile account for your business (which will be helpful to back-up sensitive files) to keep track of employees and files. You can enable two-step verification, set specific password requirements or use the Single-Sign-on integration from a ShareFile Enterprise version and will automatically use the same features for Podio login.

    This is a small step in the right direction and we hope to make two-factor authentication available for existing Podio customers as well in the future.

    //Sara - Podio

    Comment actions Permalink
  • Marc Potter

    We can add that functionality now with Greytower Identity www.greytoweridentity.com and its actually mutlifactor.

    1
    Comment actions Permalink
  • Lars Pedersen

    +1 for two factor authentication as a part of Podio core.

    3
    Comment actions Permalink
  • Gabriel Jarovsky

    +1 FAST!!! ;)

    3
    Comment actions Permalink
  • Sara Høeg Højlund-Rasmussen

    Hey Jacob

    Thanks for the input - also something we have on the list internally. Thanks for sharing

    //Sara - Podio

    0
    Comment actions Permalink
  • Keller Baum

    +1

    3
    Comment actions Permalink
  • Allan Bjerre Abbondio

    +1 Yes. It's a must.

    3
    Comment actions Permalink
  • Andreas Johansson

    +1 from me as well!

    3
    Comment actions Permalink
  • Ashby Bernardino

    Yes please. Sensitive client info. Need this

    3
    Comment actions Permalink
  • Jim Randell

    I can not agree more highly. this need lots of up votes

    3
    Comment actions Permalink
  • Gabriele Ottino

    +1 !!

    3
    Comment actions Permalink
  • Simon Lidster

    +1

    3
    Comment actions Permalink
  • Nils

    I can't believe this has not been implemented yet. Podio claims that the UN agency on human rights uses their product, but I have serious doubts that their security team would allow that as long as Podio does not support 2FA. Come on guys, you gotta catch up with the rest of the software industry on this one! http://www.cnet.com/news/two-factor-authentication-what-you-need-to-know-faq/

    3
    Comment actions Permalink
  • Michael Meng

    +1

    3
    Comment actions Permalink
  • GCMAG

    +1 a Must

    3
    Comment actions Permalink
  • Mose

    +1
    what happend in the last one and a half year? Come on Podio... It's not that hard to implement there's a RFC for it.
    It's a shame that for such a essential security feature there's no more feedback for OVER A YEAR :-(

    2
    Comment actions Permalink
  • Charlie Lindstrom

    Hi Mose,

    I'm afraid this is not on our immediate roadmap at this point. That said we have not forgotten about it and your votes on it are indeed heard. I will let you know here in this thread as soon as we have any news on it.

    /Charlie - Podio

    -2
    Comment actions Permalink
  • Kenneth Herschel

    It seems a bit irresponsible for a company like Podio - in this day in age - not to offer an extra layer of security.

    Especially considering there are no proper log files and no way for an administrator to control unauthorized access to employees Podio accounts (by IP address limitations or other means).

    As Podio a full circle kind of tool it would be obvious to use it for most work flows and processes in a company. Which also means quite sensitive information would be stored there.

    I mean if Asana can do it through Forced Google sign-in, Basecamp through and Slack through most 3rd party SSO providers I am sure Podio should be to implement such a relative simple 2 step verification layer.

    Google Authentication or SMS verification could be a place to start :)

    Podio is an amazing tool - just not for managing sensitive information currently it seems.

    Hope you'll solve this soon.

    http://socialcustomer.com/2014/04/how-to-enable-two-factor-authentication-on-50-top-websites-including-facebook-twitter-and-others.html

    NB: Above article was posted in April 2014, so companies listed might have improved security since then.

    3
    Comment actions Permalink
  • Alan Harrylal

    Podio, why haven't you yet realized how important 2FA has become, especially for a product like this???
    This discussion was opened almost two years ago now, and STILLLLLLL nothing has been done about it????

    Or am I seriously mistaken, and you have released some sort of announcement that 2FA is coming or already in the process of being integrated???

    Either way, this really needs to be put into your feature road-map, like Yesterday!

    Your customers have been, and ARE STILL, practically screaming and begging for it.

    Thanks,

    Alan Harrylal
    Sr. Systems Engineer
    Synergy Development Consulting.

    2
    Comment actions Permalink
  • Frank M. Merino

    Podio's lack of two factor has put my company in s position to basically look at other options even though we just moved on to this platform over the course of 5 months. So now, yammer and SharePoint combo is under evaluation. I'm hoping that Podio corrects this before the move to those products happen otherwise this is just another example of Citrix grabbing a product and well... Not realizing its potential and watch it go by the waste side.

    Unfortunately, more and more companies are like mine where security is not an option and something like this needs to be there. I think Podio is going to lose a lot of folks because of this. It's a shame because we have really grown to like the product and our customers do too. However the safety of their information is more important.

    2
    Comment actions Permalink
  • Robert Pate

    +1

    2
    Comment actions Permalink
  • Manny Del Val

    2FA is crucial, and would hate to see PODIO go in my organization because the lack of 2FA. I have put in many hours learning PODIO to now see it go to for not. I believe we have a great collaboration tool here but without 2FA it will be removed from many organizations. Lets face it security has become a top priority.

    2
    Comment actions Permalink
  • Alan Harrylal

    Oliver Wray
    Hi Alan, It is correct we do not have this on the current roadmap, however we have it on the list of possible additions - please add your vote to it here to help drive it forward: https://help.podio.com/hc/communities/public/questions/201035838-Two-factor-authentication?locale=en-us

    Thanks for your feedback on this, we really appreciate it.

    //Oliver - Podio

    Hello Oliver,

    Thanks for your reply to my recent post about Two Factor Authentication.

    Oliver, I don't mean to sound crass, and I am definitely not the, "kill the messenger", type, but by your reply, which I am sure resonates within the confines of your Team, more so the developers, it appears that the criticality of implementing such a feature has not yet really hit home.

    The fact that your product is used by companies to collaborate amongst themselves, as well as with other companies, or clients to vendors, and vice versa, means that there is more than likely very sensitive information being exchanged.

    The days of using just a username and password to protect against data breeches, are quickly coming to an end.

    With other services such as PayPal, eBay, Twitter, Google, Yammer, and EVEN Facebook (https://www.authy.com/tutorials/add-2-factor-authentication-facebook/) (and the list goes on), implementing Two Factor Authentication, should attest to why it shouldn't be simply "on a list of POSSIBLE additions."

    A quick search on, <insert favorite search-engine here>, on the advantages of having Two Factor Authentication, and on the statistics showing how hackers are infiltrating company info faster and easier by using techniques such as phishing, brute force attacks, and even social engineering to bypass usernames and password protected sites, should serve as, for the very least, an eye-opener, and motivation for more serious internal discussions about incorporating such a feature as 2FA into your product.

    I hope this harangue is met with the understanding that because Podio is such an awesome product for what it does, and because of the type of information that is exchanged and archived within the product's databases, as well as the demise of the sole use of a username+password combination to secure access to data, your users are going to demand this feature more and more.

    As a matter of fact, it has been two years since a similar discussion was started on your community forum, and it appears that Podio hasn't taken this into consideration, short of "we may EVENTUALLY do it if we get 1 gazillion votes."

    That won't work for the majority of users, and 2FA should be something that Podio puts into development sooner than later.

    Oliver, I ask that you forward this email as high up as you can within your organization, in hopes that it comes before the eyes of the decision makers.

    We need Two Factor Authentication in Podio.....yesterday.

    Thank you kindly for your time,

    Alan Harrylal
    Sr. Systems Engineer
    Synergy Development Consulting
    www.synergyitfirm.com

    0
    Comment actions Permalink
  • Jessica Chaviano

    +1

    2
    Comment actions Permalink
  • Marc Decroos

    Vote +100000000000 (and please fix the vote-up button...i get always the general help page ..)

    3
    Comment actions Permalink
  • David Depry

    +1

    2
    Comment actions Permalink
  • Daniel Karpantschof

    +1

    2
    Comment actions Permalink
  • Daniel Karpantschof

    How is this not a thing yet?! It's absolutely mindblowing!

    3
    Comment actions Permalink
  • Alan Harrylal

    We're almost done with Podio, we're just finishing up with a project, and then we're gone. We're tired of trying to get them to listen to this commonsense request.

     

    They'll learn sooner or later; by that time, it might be too late.

    2
    Comment actions Permalink
  • Sara Høeg Højlund-Rasmussen

    Hi guys!

    We hope to implement this within 2016, as we are working closer with ShareFile this year security improvements will be a big topic. As always, I cannot promise a specific timeframe but we have it on the list.

    //Sara - Podio

    1
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk