Passwords only offer a single layer of protection to a user’s identity. The most complex passwords can be compromised by:
- Using the same password on more than one website or application.
- Weaponized software downloaded from the internet or received via email.
- Clicking on links to malicious web sites.
Mimecast native 2-Step Authentication adds an additional layer of protection by denying access with just a password. Enabled, your administrators and users will need a password and a one-time verification code to access Mimecast. Administrators can choose how 2-Step verification codes are received / generated. The following options are available:
- Via email
- Via SMS (available from July 14th 2017).
- Via a 3rd party code generator (e.g. Google Authenticator, Duo, Authy, Symantec VIP Access, FortiToken, and many more) (available from July 14th 2017).
2-step authentication has the following benefits:
- The additional layer of security reduces the risk of a your administrator and user accounts becoming compromised
- Group-based configuration provides the flexibility to enable this for all users or selected users only
- Works with your existing Cloud or Domain authentication configurations to allow you to enhance security while minimizing impact
- Email or SMS* delivery of verification codes
- Support for 3rd party verification code generators to get a verification code
- Using a secure, standards-based implementation for compatibility with a wide range of 3rd party verification code generators
- Simple self-service registration process for 3rd party verification code generators reducing IT complexity
- Adaptive location based support provides the option to only require a 2nd form of verification when users attempt to login from outside of your trusted networks
*Due to contractual implications, the SMS option is only available to customers subscribing to a product from the current price list (S1, S2, A1, C1, D1, M2, M2A and other variations)
Supported Mimecast Applications
2 Step Authentication is supported for both administrator and end user access, including access to:
- The Administration Console
- Mimecast Personal Portal
- Case Review Application
- Mimecast for Outlook v7 and later
- Mimecast Mobile 3.5.2 and later
- Mimecast for Mac 2.8.9 and later
Customers using earlier versions of our Mimecast for Outlook, Mimcast Mobile, and Mimecast for Mac applications will be prompted to upgrade if 2-Step Authentication is enabled for the user.
The Partner Portal does not currently support 2 Step Authentication.