Hola! ¡Tenemos nuestra Comunidad en Español!

Two-factor authentication for HubSpot portal

I was surprised this wasn't already a feature of HubSpot, especially where our databases are filled with our lead's information. I would like HubSpot to add 2FA to their system. Something we can integrate with Google Authenticator would be ideal. It adds an extra layer of security that we would appreciate. 

58 Replies
mrmattwright
New Contributor

Upvoting this too....I just enabled 2 Factor for Gmail as part of our readiness for GDPR, so until this feature is added to hubspot I'm not sure we can use it, which is a shame because our salespeople really wanted this as a solution. 

robsoninc
New Contributor

Every other tool our team uses has 2FA. C'mon, it shouldn't have taken this long to still not have a resolution.

James_NYC
New Contributor

2FA is definitely needing to at least partially safeguard this sensitive information. 

 

What are your plans for implmenting it in 2017-18?

Richards
New Contributor

Not only do we need at least 2FA but single sign on would almost be mandatory. WIth GDPR here in Europe imminent the abilty to protect customer data by ensuring that all views are recorded and who is viewing will be a mandatory requirement for companies in complying with GDPR

Richards
New Contributor

I agree, Hubspot are dragging their feet on security. All our data is at risk if they dont fix this. Not only should they be looking at 2FA but also single sign on.

Hubspot appear to offer Google Identity Platform, however this is not a platform that offers the security and glanurality that is need to truly secure data. Not only do we need to control access we need to know what data has been compromised. Hence what is really needed is single sign on through something like OKTA so that you can limit access to VPN or specific IP.

 

Come on Hubspot join the 21st Century!!

jackea
Occasional Contributor

100% AGREE with all comments regarding GDPR compliance in users. 2fA for HubSpot isn't a nice-to-have feature - it's going to be an essential security measure for some companies in the near future.

This NEEDS to be rolled out ASAP. This Idea was first raised 7 months ago and look how much demand there is for it.

CC: @dilloncompton

Richards
New Contributor

Not only do we need 2FA and SSON but the admin in Hubspot needs the ability to:

 

1. Force reset an account by removing the existing password and then sending a temp password. The existing arrangment is not fit for purpose as it is up to the user to apply a new password. 

2. The only way to deal with the above is to delete the account but that means an admin nightmare to re-allocate the accounts.

 

Unless anyone out there knows different.

 

I have reported Hubspot to the UK Info commisioners office as I believe that Hubspot cannot offer the proper security under safe harbour. I await the reply from the ICO

HubSpot Product Team
HubSpot Product Team
updated to: In Beta
 
Richards
New Contributor

Hi Dillon

 

How do we get on the beta program, love to help.

 

Richard

TheOtakuBox
Occasional Contributor

No 2FA is incredibly insecure. And not via SMS either, which has known security flaws. App-based, like Authy.