Xplenty introduces SSO (Single Sign-On) and 2FA (Two-factor Authentication) that allows users to have greater control of access permissions within the organization.
What is Single Sign-on?
Single Sign-On (SSO) is a user authentication service that allows one set of login credentials to be used to access multiple apps. SSO can be used by SMBs or large enterprises to ease the management of various usernames and passwords.
Single Sign-On provides a way to log into a service, such as Xplenty, via your enterprise account like GSuite or Salesforce. For users, it offers a convenient and safe alternative to maintaining separate credentials for various service accounts. For organization admins, it allows increased transparency and greater control of access permissions within the organization.
Google's GSuite IdP and the Salesforce IdP will be supported on release, with many more Identity Providers available on request!
What is Two-factor Authentication?
Two-factor Authentication (2FA) is a method of authentication which requires the user to submit two different secrets to complete their login attempt. The first secret is usually the user's password for the website, while the second secret is usually a one time password generated on a device owned by the user.
The second factor is usually something that is more unique or personal to the user, so should an attacker find out the password, they would still be unable to log in. As such, two-factor authentication adds an extra layer of security to the login process.
Xplenty uses a time based One-Time-Password scheme for the second factor. Once you turn on 2FA, Xplenty will request a 2FA code after you submit your password on our login page, every time you want to log in.
Enable SSO & 2FA with Xplenty
To enable 2FA on your Xplenty account, head over to the settings page, where you can find 2-Factor Auth under the "Your Settings" section. Enter your current password and click the Enable button to start your enrollment.
Xplenty users may request SSO to be enabled on their preferred Xplenty accounts. Users within the organization will then be able to sign in via their enterprise identity provider while also getting automatically added to their organization's Xplenty Accounts for greater visibility of projects.