balexpac's profile

Mon, May 10, 2021 3:53 PM

Multifactor authentication problem

I have been seeing a prompt to enable multifactor authentication. I am actually pleased to see this as an option. However, the current implementation will create problems for households with multiple users.  
Simplisafe currently only allows one user login per account where in my example, my wife and I share the same user login. If I were to implement multifactor authentication, either my wife or I would not have access to the account since only one person would have the device being used for multifactor authentication. If I was attached at the hip to my wife 24-7, this wouldn't be a problem. However, we both have busy lives and are not with each other 24-7. Thus, simplisafe needs to implement the option to have multiple user logins per account before enforcing multifactor authentication.
I know it is currently optional, but simplisafe says that it will eventually require mutlifactor authentication. Moreover, I would actually prefer to use multifactor authentication now, but cannot do so without limiting access to either myself or my spouse when attempting to log in from a new device or browser.

Official Solution

Community Admin

 • 

2.9K Messages

8 m ago

@jerrybny and @stevendunn ,

Since this post, support for MFA over SMS with multiple phone numbers has been enabled. Head over to the SimpliSafe app (on a device where you're already logged in), then navigate to Menu > Manage Account > Multi-Factor Authentication. You'll be able to set up multiple phone numbers there.

When logging into a new device, after typing in your username and password, you'll be able to select which contact should receive the confirmation code.

Captain

 • 

4.7K Messages

1 y ago

@balexpac SS requires device authentication (1x) by device and by browser. A bit of a PIA but can appreciate the security. Once authenticated, you should be good to go, or at least until you clear your cookies.

As far as 2FA using the good old industry standard of texts, I avoid them like the plague, opting for 3rd party apps like Google Authenticator and use them when available. SIM swapping is becoming too large of a problem and until/if 3rd party alternatives are available, I won't be using 2FA with Simplisafe. Admittedly, all of this is just my opinion, many others will differ.,

2 Messages

1 y ago

I currently use Authy for 2FA for any website/account where it can pose significant risk to me if it were compromised. e.g. My bank accounts, email, etc...
My primary concern was not having multiple user logins for my simplisafe account, which makes using 2FA difficult if you aren't the one whose device is registered for the 2FA. This has happened with other websites or accounts where the only allow one login. If I'm traveling, at work, etc..., my wife will have to call me to give her the one-time password generated by Authy to allow her access to the account to which she is attempting to log in. Most websites will allow for more than one login username when 2FA is required. e.g. We have unique login accounts for our banking accounts. This allows us to each register our own devices for 2FA.

Community Admin

 • 

2.9K Messages

1 y ago

Hey balexpac,

These are some very valid points. We'll send your feedback up to our dev team.

- Johnny M.
SimpliSafe Home Security

1 Message

8 m ago

I am running into the same issue.  Has anything been set up to address this problem?  Thanks

1 Message

8 m ago

I am having the same problem also