Two-factor authentication

I wonder why Prismic has no support for two-factor authentication, except SSO in the much more expensive Platinum+ plan. Any SaaS vendor should have two-factor available by default for any plan (imo).

The risks are high: Hackers can make nasty changes to a website when they get their hands on a username + password. E.g., man-in-the-middle attacks where a hacker links to a ghost website and copies a login page.

Two-factor/SSO should not feature your pricing plan to let people upgrade. Mailchimp gives even a discount when you activate two-factor.

Hello @joost1, welcome to the community.

The product team has been discussing the possibility of adding 2FA, and we’re planning to add it at some point in the future. However, it’s not on our immediate roadmap, so I can’t share an ETA.

At the moment, as you said before, 2FA is only available through SSO login that we can activate on Enterprise plans.