Authentication & Identity Federation

General Security Settings

Timeouts

strongDM allows customers to define timeouts for Client session length and for Client and AdminUI idle periods, to suit their specific needs.

Brute Force Attacks

There are countermeasures in place to combat brute force account attacks. A user's account will be automatically locked after five failed authentication attempts. The lock is removed after five minutes, after which the user can attempt to log in again. This automatic lockout period greatly limits the efficacy of a brute force attack.
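The lockout rule above (five failures, five-minute lock), sketched as an added example; it is not strongDM's code. The names `LockoutPolicy` and `max_guesses` are hypothetical, and clearing the failure counter on a successful login or when the lock expires is an assumption, since the page does not say how the counter is reset. `max_guesses` simulates the policy to bound how many passwords can be evaluated against one account in a given window.

```python
import time

MAX_FAILURES = 5          # from the page: lock after five failed attempts
LOCK_SECONDS = 5 * 60     # from the page: the lock is removed after five minutes


class LockoutPolicy:
    """Per-account failed-login lockout (illustrative, not strongDM code)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = {}      # account -> consecutive failed attempts
        self._locked_until = {}  # account -> time at which the lock expires

    def is_locked(self, account):
        until = self._locked_until.get(account)
        if until is not None and self._clock() >= until:
            # Lock expired. Assumption: the failure counter starts over.
            del self._locked_until[account]
            self._failures.pop(account, None)
        return account in self._locked_until

    def attempt(self, account, password_ok):
        """Return 'ok', 'denied' or 'locked' for one login attempt."""
        if self.is_locked(account):
            # Credentials are not evaluated while an account is locked.
            return "locked"
        if password_ok:
            self._failures.pop(account, None)  # assumption: success resets
            return "ok"
        count = self._failures.get(account, 0) + 1
        self._failures[account] = count
        if count >= MAX_FAILURES:
            self._locked_until[account] = self._clock() + LOCK_SECONDS
        return "denied"


def max_guesses(window_seconds):
    """Upper bound on passwords evaluated for one account in a window."""
    clock = [0.0]  # simulated time in seconds
    policy = LockoutPolicy(clock=lambda: clock[0])
    evaluated = 0
    while clock[0] < window_seconds:
        if policy.attempt("alice", False) == "denied":
            evaluated += 1
        else:
            clock[0] += 1  # wait out the lock one second at a time
    return evaluated
```

Under these assumptions the policy caps an online guessing attempt at 60 evaluated passwords per hour and 1,440 per day for a single account.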

OIDC Federation & SSO

Multi-factor Authentication

strongDM can integrate with Duo Security to enforce multi-factor authentication on all SDM Client sessions. See Set up MFA with Duo for details.

Native Authentication

Password Requirements

When using strongDM's native authentication, customer administrators can enforce minimum password requirements for all users.

Password Hashing

All user passwords are hashed using bcrypt, with at least {{X}} rounds. Passwords are never stored or logged in plain text.

strongDM regularly revisits the chosen hashing algorithm and number of rounds to ensure we are adhering to industry best practices.

Identity Federation

strongDM allows customers to federate with a variety of Identity Providers to manage user identity and authentication.

SAML Single Sign On

OIDC SSO

In addition to offering integrations with a variety of SSO providers, strongDM also allows the use of any OpenID Connect (OIDC)-compliant SSO service. General OIDC support opens the door to many more providers than strongDM would otherwise build and maintain specific integrations for, without compromising on security.

User Provisioning

strongDM integrates with Okta and Azure AD to enable SCIM-based user provisioning, allowing customers to manage their users within their centralized Identity Provider.
