How can we improve the DocuWare Client?

Multi-factor login authentication as a security option

It would be nice to be able to have a multi-factor login authentication as a security option. We have users who work in DocuWare while they are on the road and it would be nice to toggle this feature on/off per user as an extra layer of security.

59 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

13 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    I have to admit some surprise that Docuware haven’t aleady implemented this. It’s a ‘must have’ when working with personal data.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Lack of MFA support is a really big issue with the current data protection climate. Please sort it out!

  • Nate Howland commented  ·   ·  Flag as inappropriate

    Many companies that assist with GDPR compliance list two-factor authentication for web apps as a "must have" best practice.

  • Nigel commented  ·   ·  Flag as inappropriate

    Please implement this solution so that customers and admins are more secure. Without it, and without a proper password policy, people can login infinitely with the user/admin credentials. This is unsecure.

    With TOTP/OTP/2FA solution people need the username, password and temporary code to login. This is way more secure.

  • Louis Marascio commented  ·   ·  Flag as inappropriate

    This is a big gap in functionality in today's security environment. 2FA is a must have for any system that holds sensitive information.

  • Hal Hamilton commented  ·   ·  Flag as inappropriate

    We have several clients that are already using two factor authentication and are wanting that ability with DocuWare on-premise and cloud. We are also hearing from other clients that they too need to adapt to two factor authentication due to the material and information that their Fortis/DocuWare systems are handling such as SS#, HIPAA information, FERPA, etc. This needs to be added to the road map as soon as possible.

  • Cory Van Dyke commented  ·   ·  Flag as inappropriate

    Organizations that store SSN/credit card info must adhere to PCI standards/compliance. Taken from PCI security document "Implement two-factor authentication for all remote network access that originates from outside the network, by employees, administrators, and third parties including vendor access for support or maintenance. Examples of two-factor technologies include remote authentication and dial-in service (RADIUS) with tokens; terminal access controller access control system (TACACS) with tokens; or other technologies that facilitate two-factor authentication. Using one factor twice (e.g. using two separate passwords) is not considered two-factor authentication."

Feedback and Knowledge Base