Team: Huntress EDR
Product: MFA / 2FA, SSO / SAML, TOTP / OTAP, Duo
Environment: Huntress.IO management portal
Summary: 2-factor authentication (2FA) / Multifactor Authentication (MFA) is MANDATORY for all Huntress accounts.
Why Huntress enforces multi-factor authentication (MFA)
We're enforcing 2FA to enhance the security of our platform and our partners. Relying on just a strong password is not always enough to protect you. With 2FA, a compromise of your password will not grant access to your Huntress account. So, even if your password is taken or your phone is missing, it is unlikely that someone else will have access to both factors.
Opt-out / disable enforced MFA
Multi-factor authentication cannot natively be turned off. On a case-by-case basis, the Huntress Team can disable enforcement of 2FA/MFA if needed, but it is otherwise mandatory.
Enforced MFA FAQ
I already use Duo, but I'm (we're) being prompted to set up a TOTP/OTAP method. Did I do something wrong?
At this time, even if you have Duo, Huntress will prompt you to set up a TOTP/OTAP method. In these cases, we're recommending that our Partners add the additional method to their Duo App.
I have 2FA/MFA at my SAML provider already. Do we still have to set up MFA in Huntress?
Once SSO has been configured and established, admins can disable 2FA on the account. Users can then individually remove their 2FA authentication methods within Huntress account preferences.