How can we improve Kerio Connect?

Two factor authentification for the webmail

Add two factor authentication for the webmail. Webmail is often used insecure places (webcafes / public networks etc). Two factor authentication through Goolge Authenticator or a Yubi Key would reduce the ability for keyloggers and password sniffers to do their thing.
Also this is a feature for the users that are a bit more concerned about the security of their mail than regular users.

419 votes
Sign in Sign in with GFI
Signed in as (Sign out)
You have left! (?) (thinking…)
Eivind Nag shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in Sign in with GFI
Signed in as (Sign out)
  • Mark Sainsbury commented  ·   ·  Flag as inappropriate

    We are under increasing pressure to scrap Kerio Connect due to the lack of 2FA support. When it this going to be looked at?

  • Ing. Martin Tobola commented  ·   ·  Flag as inappropriate

    Absence of two factor Authentication over the webemail is a huge security issue. Please do something as soon as possible.

  • Daniel Vugteveen commented  ·   ·  Flag as inappropriate

    The feature is very important to us. It can no longer wait as our medical and defense customers are requiring our systems to be more secure.

  • VR Hoisington commented  ·   ·  Flag as inappropriate

    Another vote for 2 (or multi) factor authentication. Symantec VIP access or Duo are other options.
    Kerio Control has it. Why not Kerio Connect?
    We're not government but heavily regulated and Cybersecurity is a hot topic. 2FA will become a necessity before long.

  • Todd commented  ·   ·  Flag as inappropriate

    Would be nice to have but less of a need in our case as users don't log in from public devices. If they don't have a laptop then at the very least they have a smartphone. But I can see a need for many companies that work differently.

  • Sean commented  ·   ·  Flag as inappropriate

    +1 for yubikey support (U2F and using the yubikey authentication service)

  • Administrator commented  ·   ·  Flag as inappropriate

    i'm a fairly new reseller of kerio products and people love it but i feel like these accounts will slowly come to an end. customers are demanding greater security and they're wondering why they can login to their email address from anywhere without any warnings or prompts to continue.

    webmail should be protected, maybe even outlook's connector and also phone config should be notifying an administrator to approve deviceid's, as in, allow it in, jail the email and don't show the new set up any existing emails until it's been verified by an admin that it is allowed.

  • Darius Pauly commented  ·   ·  Flag as inappropriate

    This should be implemented as an option for all authentication, not just webmail.

    am also in favor!

  • Kachen Sucaravetsiri commented  ·   ·  Flag as inappropriate

    We are government organization with 2500+ mailboxes. Some of our mailboxes are top management. Without two factor authentication, Kerio Connect considered insecured. This feature has been suggested since 2014 and regretably there is no movement as yet.

    We are looking forward for your positive response on this. We would love to maintain our positive though with Kerio Connect.

Feedback and Knowledge Base