Mender blog

Two Factor Authentication with Mender User Login

Security and robustness is the prime directive of Mender in doing over-the-air software updates, and we work hard to make sure that directive never goes out of our sight.

Data breaches are the new norm and there are billions of breached logins on the web and in fact in 2017 Yahoo reported a breach of three billion user records. With these credentials in the wrong hands, the bad guys can hijack critical information and use it for any purpose they desire. When it comes to deploying updates to large fleets of connected devices in the field, an account on the OTA update server could give attackers complete control of software running on all the devices. In the words of one of our customers “between our devices and the world stands only one password”.

Two factor authentication (2FA) is an increasingly important tool in the fight to stay secure even if large databases of passwords get compromised and users use the same password in many places. Together with a security software app on your desktop or mobile device, 2FA forms an extra layer of protection. 2FA is now implemented as a commercial feature for customers who opt for either Mender Professional or Mender Enterprise, and it is very easy to set up: a) download a third party app such as Authy or Google Authenticator, b) scan the QR code that you are given with your account when you login to your Mender web application, using the authenticator app, and c) each time you log in, you will be asked for a verification code which you can retrieve from the authentication app on your device.

We highly recommend all our customers to start using 2FA.

Recent articles

An Overview of EU Cyber Resilience Act (CRA) Compliance

An Overview of EU Cyber Resilience Act (CRA) Compliance

Learn how the EU Cyber Resilience Act (CRA) enforces stringent cybersecurity requirements for PDEs. Explore compliance essentials in part 1 of 4
Mender versioning: New releases by component

Mender versioning: New releases by component

Explore Mender's shift to independent component releases and versioning, designed to enhance update speed and user clarity.
Driving secure innovation: ISO/SAE 21434 & UNECE compliance

Driving secure innovation: ISO/SAE 21434 & UNECE compliance

ISO/SAE 21434 and UNECE R155/R156 standards reshape cybersecurity in software-defined vehicles. Compliance with these frameworks is essential for protecting consumers, ensuring vehicle safety, and driving innovation in the automotive industry.
View more articles

Learn why leading companies choose Mender

Discover how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices. Focus on your product, and benefit from specialized OTA expertise and best practices.

 
sales-pipeline_295756365