We added Duo Security Two-Factor Authentication because it was the right thing to do

Two factor authentication for product management and SaaS

We added Duo Security two-factor authentication and we feel better that we did. It was the right thing to do and the most convenient way for customers to significantly enhance their user’s security profile while using Aha! Compared to other approaches like rotating passwords or adding password complexity — it was the obvious choice.

Two-factor authentication can be used to improve the security of your account by adding another level of protection to the login process. With two-factor, a message is sent to your cellphone (or landline) during the login process. The login only succeeds if you respond to the message.

While basing security on forced password changes or complexity sounds like a good idea — it simply encourages most folks to write the passwords down and it does not help protect them against theft. They are still passwords at the end of the day.

Our implementation with Duo makes it easy to protect users from bad guys (and more likely just bad habits) while still accessing Aha! with ease. It’s as easy as logging in to Aha! and tapping a button on your phone to take advantage of the added security. There are no phone calls to wait for or passcodes to type in.

Here is how to get started:

To take advantage of two-factor the Aha! account administrator must first signup for a Duo Security account. There is no need to add your Aha! users to Duo manually — they will be added automatically the first time they log into Aha! after two-factor is enabled.

Create a new integration in Duo. The type should be set to Web SDK.
2FA product management

The default configuration for the integration is fine. Copy the Integration Key, Secret Key and API hostname values — they will be needed to configure Aha!

In Aha! go to the Account settings -> Account -> Profile page. Enter the values from your Duo integration, enable two-factor authentication and click Update.
2FA product management Duo

Test the authentication flow by using a different browser or a different computer (so that you can change the settings if they are wrong). In the different browser try logging in. After entering your email address and password you will be prompted to enroll for two-factor authentication.

Two-factor authentication applies to all users in an Aha! account. Go here to learn what your users will need to do when they log in to Aha!

About Brian and Aha!

Brian seeks business and wilderness adventure. He is the co-founder and CEO of Aha! — the world’s #1 roadmap software — and the author of the bestseller Lovability. Brian writes and speaks about product and company growth and the adventure of living a meaningful life.

Sign up for a free trial of Aha! and see why more than 250,000 users worldwide trust Aha! to build and market products customers love.

We are rapidly growing and hiring!

  • Customer Success Managers (product manager experience required)
  • Product Marketing Managers
  • UX Designers
  • Rails Developers

Work from anywhere and be happy. Learn about our team — see current openings.