Protect access to your IT resources with additional proofs of identity on top of the username and password. Use multi-factor authentication to increase login security to your secure GoodAccess environment or admin panel. Use biometrics in the GoodAccess client apps.Create Free AccountSee Demo
No card needed. Full onboarding support.
MFA places an additional obstacle in an intruder’s path, stopping them from gaining access to your VPN or zero-trust environment even if they have login credentials
Mitigate the risk of identity theft when employees connect to your VPN or zero-trust environment (e.g. by man-in-the-middle attacks).
Fulfill the requirements of data protection acts for specific industries, where MFA enforcement is a legal obligation.
Starter is a free business VPN that creates a secure VPN infrastructure for your virtual organization. Every time a user connects, GoodAccess automatically seeks out the nearest gateway location with the lowest latency and assigns an IP address dynamically. This enables secure private browsing and encrypted remote access to IT resources for your coworkers, even if they connect through public Wi-Fi.
Starter comes equipped with Threat Blocker, an always-on feature that stops phishing, malware, botnets, ransomware ploys and other online security threats before they hit the user and breach your network. Learn more about GoodAccess Threat Blocker.
GoodAccess comes with one-click applications for iOS, macOS, Android, Windows and ChromeOS. No configuration is needed. Just invite your colleagues via email to create their account and get the GoodAccess app.
Enable multi-factor authentication on the network level and secure access to every system without setting it up individually. Set up MFA session timeout or require MFA per every session, and send setup instructions to team members from the same interface. In addition, protect access to your central console with MFA of its own.
Add a layer of protection to every endpoint and reduce the risk of intrusion across all connecting infrastructures. Multi-factor authentication is available for every GoodAccess client app via Google Authenticator, Microsoft Authenticator, and Authy.
biometric identity verification
Speed up access to your secured VPN or zero-trust environment with biometric identity verification. Allow your users to scan fingerprints on their device; available for MacOS, iOS, Windows, and Android.
Choose your MFA provider. GoodAccess supports MFA from Authy, Google Authenticator, and MS Authenticator.
No card required.
Full onboarding support.
We were looking for fast, secure, and quality audio transmission. We are excited that GoodAccess allows our agents to make phone calls with our clients via VOIP provider using the office IP from their home. GoodAccess is inexpensive, easy-to-use, safe, and the support team is brilliant!
GoodAccess has strong encryption which shows to our customers that we take great care in protecting their data. The app is straightforward to use so we can access our systems from 14 different time zones and work efficiently. Simply a VPN with static IP for a great price.
It's important for us that GoodAccess' VPN with static IP is fast & has low latency, which feels like working from the office. I love the user friendly control panel, which just makes the work much easier!
GoodAccess increases the level of security in our organization. We use it to access several cloud services and our data warehouse. We appreciate the customer-oriented support team, frequent product updates, and the excellent price/value ratio.
Test all premium features for 14 days without limitation. No credit card required.
Connect to a gateway near your location, decide what systems to include in your secure environment.
Invite team members and set up MFA in the Control Panel. Choose the timeout period and send instructions to your team.
No card needed. Full onboarding support.
Get convenient access to your secure GoodAccess environment with single sign-on.
Extend full control over inbound connections, manage them centrally with zero hardware required.
Minimize the attack surface by robust user authentication, granular privilege assignment, and strong encryption.
Multi-factor authentication (MFA) is an access control technique that requires an additional proof of identity – a pin number, one-time passcode, authentication via an external app or device, etc. Combinations of these factors are common.
GoodAccess provides MFA via external authenticator apps – Google Authenticator (for Android and iOS), Microsoft Authenticator, and Authy.
You can configure MFA on both the GoodAccess client apps to increase security on your endpoints, and on your control panel login to help protect the administration interface. Both are managed via the central GUI. Client apps for mobile devices support biometric authentication as well.
For a hands-on guide, visit our support portal.
MFA adds an extra step to the verification process when logging in a secured VPN or zero-trust environment.
First, the user enters their login credentials. Then, the MFA asks them to provide another proof of identity – a one-time passcode sent via a text message, pin number, verification by an external app, biometric information, or another factor. If this step is completed correctly, the user is cleared for access.
MFA stands for multi-factor authentication, with 2FA (two-factor authentication) being the older term. The concept of MFA admits the possibility of using more than one proof of identity.
MFA increases security by requiring more proofs of the user’s identity when logging into a secure VPN or zero-trust infrastructure.
On the other hand, single sign-on, is a technique of using the credentials from one identity provider to log into other systems and services. This offloads the complexity of securing the login onto the identity provider and makes the login process faster and easier.
The downside of SSO is that if an adversary manages to compromise these credentials, they gain access to all the systems and services where SSO is enabled.
1. In your GoodAccess control panel, go to the Settings section and switch to the Two-Factor Authentication tab.
2. Check Enable two-factor authentication.
In a VPN or zero-trust model of infrastructure, multi-factor authentication significantly increases security, and it is recommended as a security best practice.
Another upside is that it is relatively easy to implement.
A disadvantage of multi-factor authentication is that it may inconvenience the user by asking them to do something extra to log in. Depending on the actual technique, it may also require additional devices and network availability.
Another risk is the danger of phishing, where a user may receive a malware-containing text message in place of a legitimate MFA prompt.
No security method is infallible. Multi-factor authentication can stop most credential spoofing attacks, but it can still be exploited. For instance, an end-user can unknowingly approve a MFA prompt (e.g. a push notification) for an attacker trying to gain access to the company’s VPN or zero-trust secure infrastructure.
Yes. Attackers are constantly inventing new ways of breaching company systems. Sophisticated man-in-the-middle attacks can still successfully hijack the authentication process even with MFA enabled.
MFA should be treated as just one of the many layers of your VPN or zero-trust security system – a complement to strong passwords, deep network encryption, web/DNS filter, up-to-date antivirus, regular data backups, and least-privilege access.
Generally, hardware MFA is considered the hardest to bypass. These include hardware keys or biometric verification.