Status Future consideration
Created by Dave Ball
Created on Dec 5, 2025

Support Additional MFA Providers

What is the challenge?

Aha! currently supports Duo for two-factor authentication (2FA). However, many organizations standardize on other MFA providers such as Microsoft Authenticator, Okta Verify, or Google Authenticator. Relying solely on Duo creates:

  • Additional friction for users who must adopt a separate authenticator app just for Aha!

  • Misalignment with established corporate security policies and identity platforms.

  • Increased support overhead for IT/security teams managing multiple MFA methods.

  • Duo subscription costs.

What is the impact?

High for organizations standardizing on Microsoft 365, Okta, or other identity platforms. Medium effort depending on the integration approach chosen.

Describe your idea

Introduce support for additional time-based one-time password (TOTP) or push-based MFA providers, specifically:

  • Microsoft Authenticator

  • Okta Verify

  • (Optionally) Google Authenticator, 1Password, and other TOTP-compatible apps.

This could be delivered through:

  1. Native support for multiple MFA apps

  2. Standards-based MFA integration (e.g., TOTP RFC 6238, WebAuthn, or SAML/SCIM extensions)

  3. Admin-configurable MFA policy, allowing organizations to choose which authentication methods users can enrol in.

Expected Benefits

  • Aligns Aha! with enterprise security ecosystems and identity management solutions.

  • Reduces onboarding friction by allowing users to continue using their existing authenticator apps.

  • Supports broader compliance needs for organizations with strict MFA policies.

  • Improves user satisfaction by offering flexibility and reducing dependency on a single vendor.

Success Metrics

  • Increased adoption of MFA within customer accounts.

  • Reduced support tickets related to Duo setup and MFA access.

  • Positive customer feedback on authentication flexibility.

  • George Smyth
    Mar 24, 2026

    Support for a free authenticator such as Microsoft Authenticator, or even better, support for Time-based One-Time Passcodes (TOTP), so it can work with all/most authenticator apps.

    This is particularly important in the UK as a cloud application that has an option for MFA must use MFA to meet UK cyber security rules for businesses (Cyber Essentials).

  • +2
3 MERGED

Standards-compliant open 2FA support

Merged
If I search Big Ideas, I can find multiple ideas relating to 2FA - including requests for Yubikey support and Google Authenticator without SSO. I want to dial it back a notch... today, in 2021, I am unable to turn on 2FA to protect our Aha! creden...
Daniel Viney over 4 years ago in Account settings 1 Future consideration