Support Additional MFA Providers

What is the challenge?	Aha! currently supports Duo for two-factor authentication (2FA). However, many organizations standardize on other MFA providers such as Microsoft Authenticator, Okta Verify, or Google Authenticator. Relying solely on Duo creates: Additional friction for users who must adopt a separate authenticator app just for Aha! Misalignment with established corporate security policies and identity platforms. Increased support overhead for IT/security teams managing multiple MFA methods. DUO Subscription costs
What is the impact?	High for organizations standardizing on Microsoft 365, Okta, or other identity platforms. Medium effort depending on the integration approach chosen.
Describe your idea	Introduce support for additional time-based one-time password (TOTP) or push-based MFA providers, specifically: Microsoft Authenticator Okta Verify (Optionally) Google Authenticator, 1Password, and other TOTP-compatible apps. This could be delivered through: Native support for multiple MFA apps Standards-based MFA integration (e.g., TOTP RFC 6238, WebAuthn, or SAML/SCIM extensions) Admin-configurable MFA policy, allowing organizations to choose which authentication methods users can enrol in. Expected Benefits Aligns Aha! with enterprise security ecosystems and identity management solutions. Reduces onboarding friction by allowing users to continue using their existing authenticator apps. Supports broader compliance needs for organizations with strict MFA policies. Improves user satisfaction by offering flexibility and reducing dependency on a single vendor. Success Metrics Increased adoption of MFA within customer accounts. Reduced support tickets related to Duo setup and MFA access. Positive customer feedback on authentication flexibility.

What is the challenge?

Aha! currently supports Duo for two-factor authentication (2FA). However, many organizations standardize on other MFA providers such as Microsoft Authenticator, Okta Verify, or Google Authenticator. Relying solely on Duo creates:

Additional friction for users who must adopt a separate authenticator app just for Aha!
Misalignment with established corporate security policies and identity platforms.
Increased support overhead for IT/security teams managing multiple MFA methods.
DUO Subscription costs

What is the impact?

High for organizations standardizing on Microsoft 365, Okta, or other identity platforms. Medium effort depending on the integration approach chosen.

Describe your idea

Introduce support for additional time-based one-time password (TOTP) or push-based MFA providers, specifically:

Microsoft Authenticator
Okta Verify
(Optionally) Google Authenticator, 1Password, and other TOTP-compatible apps.

This could be delivered through:

Native support for multiple MFA apps
Standards-based MFA integration (e.g., TOTP RFC 6238, WebAuthn, or SAML/SCIM extensions)
Admin-configurable MFA policy, allowing organizations to choose which authentication methods users can enrol in.

Expected Benefits

Aligns Aha! with enterprise security ecosystems and identity management solutions.
Reduces onboarding friction by allowing users to continue using their existing authenticator apps.
Supports broader compliance needs for organizations with strict MFA policies.
Improves user satisfaction by offering flexibility and reducing dependency on a single vendor.

Success Metrics

Increased adoption of MFA within customer accounts.
Reduced support tickets related to Duo setup and MFA access.
Positive customer feedback on authentication flexibility.

Attach files

Enter a subject

Idea management by

Create your own ideas portal to crowdsource feedback

Share your product feedback

Please enter your email address

RELATED IDEAS

Support Additional MFA Providers

Expected Benefits

Success Metrics