Instead of rolling our own authentication system, we selected Amamzon Cognito to provide our customers with the most reliable, seamless, secure, and user-friendly login experience.
Cognito operates at planetary scale so you can be assured that password recovery workflows will operate quickly and reliably. If need be, an administrator can always reset a user password right in ControlBoard®.
For enterprise customers we support authentication through Microsoft Active Directory or another SAML/Open Id provider like Okta. Federated login allows you to manage access to ControlBoard® with the same tools you use for the rest of the applications in your portfolio.
If security is top of mind, we can enable Multi-Factor Authentication (MFA), either by SMS message or a time-based-one-time password (TOTP) using an app like Authy or Google Authenticator.
You can set password policies that work best for for your company: Username and password, email and password, even an SMS phone number and a password. You can even specify password strength rules that adhere to your company policies.
There are certain features, like settable password expiration/rotation policies, that Cognito doesn't support yet. But it's an actively developed platform backed by Amazon. We at ControlBoard® are confident in the bet we've placed on Cognito to provide users with the best possible authentication system over the long haul.