2 posts tagged with "2FA"

Many of the high-profile security breaches of the 2010s involved hackers gaining access to username and password pairs. Before multi-factor authentication (MFA) was commonplace, these breaches effectively gave bad actors the keys to the kingdom, since people tend to reuse passwords across platforms and there was no second line of defense against attacks.

Today we have a lot more options for additional authentication steps, which we’ll explore below, while also taking a look at the choices we have made for authentik.

We are happy to announce that our 2024.10 release is ready, and it’s full of great new features and functionality. This release showcases a good balance of additional security hardening and improved usability with faster, smoother workflows.

Every Identity provider and SSO product should be constantly increasing the security and robustness of the code base and new features, and we think it is also important to continuously and explicitly look for ways to enhance our users’ experience and efficiency.

Release 2024.10 includes these major security features: Chrome Device Trust support, JSON Web Encryption, and enhanced CAPTCHA processing. Further highlights of the release include the ability to configure auto-selected 2FA devices, a new task-based structure for our Tech Docs, and a new highly customizable Invalidation flow that can be configured to prompt with multiple logout and redirect options.

This release highlights our commitment to delivering flexibility, security, and optimal user experience in every version of authentik. Take a look at the Release Notes for more details, and read on to learn more about the new features.