Implemented MFA / 2FA for Omada Cloud
 This repeated request has been merged into the main thread Request - Please add two factor authentication to the omada cloud managment. . Please vote on the main thread.
Implemented MFA / 2FA for Omada Cloud
Hi there,
As I've been working through a medium sized PoC/PoV deployment I came across a security gap in the Omada Cloud offering.
Is MFA / 2FA functionality on the roadmap for the OC200 / software controller and the cloud remote managemnt?
A similar setup to how Ubiquiti does it would be great! (via an authenticator app or WebAuthN).
This would be a great addition!
Thanks!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Fae - This really should be be priority 0 for a supposed business-class product. Do you understand the security implications of a cloud account compromise for someone managing multiple sites?
Look at the Kudos and Views for this thread, and the one at Request - Please add two factor authentication to the omada cloud managment.
As non-optimal as they are, you could even start with SMS and email link verification.
- Copy Link
- Report Inappropriate Content
Dear @YATechMonkey,
YATechMonkey wrote
This really should be be priority 0 for a supposed business-class product. Do you understand the security implications of a cloud account compromise for someone managing multiple sites?
Look at the Kudos and Views for this thread, and the one at Request - Please add two factor authentication to the omada cloud managment.
It has been forwarded to the developer team for evaluation, as a result, it's planned to be supported on Omada Controller v5.0.
Thank you for your attention and patience.
- Copy Link
- Report Inappropriate Content
Thanks @Fae - As the only active official account on here (are you one person or multiple?) I know you mostly only get our complaints/requests, but some of these seem basic/long-standing. Is there a timeline/roadmap posted of planned features and fixes?
- Copy Link
- Report Inappropriate Content
Adding to this comment, I've held off doing a large scale deployment until MFA is in place. The TP-Link Omada solution came out on top for price, performance, etc. - except for meeting our MFA requirement.
- Copy Link
- Report Inappropriate Content
@WirelessForEver Time for the monthly bump. Looks like it may be getting close with the addition of the Cloud Controller on the Omada page saying coming soon. Hope this migrates down to the other tiers and includes the MFA.
https://www.tp-link.com/us/business-networking/omada-sdn-controller/omada-cloud-based-controller/
- Copy Link
- Report Inappropriate Content
Merryworks wrote
@WirelessForEver Time for the monthly bump. Looks like it may be getting close with the addition of the Cloud Controller on the Omada page saying coming soon. Hope this migrates down to the other tiers and includes the MFA.
https://www.tp-link.com/us/business-networking/omada-sdn-controller/omada-cloud-based-controller/
Thanks for the monthly bump! Hoping for this soon too! Fingers crossed they add SSO support too if they're marketing the solutions to MSPs now.
Hope all is well with you.
- Copy Link
- Report Inappropriate Content
@WirelessForEver wow, I'm honestly shocked to discover they still do not have MFA protection in the cloud, and it's now been over a year since the original poster pointed out the flaw! I just purchased a big lot of Omada products (2x OC-200, 2x TL-R605, 2x EAP620-HD) and was looking forward to rebuilding my network infrastructure across two sites with TP-Link, but this is honestly a deal breaker! A single point of control to all my networks, accessible from anywhere on the web, and they didn't think it warranted implementing any additional security beyond a simple password? Like another poster has said, if they missed such an obvious thing, what else could they be missing?! My whole incentive for this rebuild was because my previous infrastructure had gottten compromised, so for me, this isn't something I'm willing to compromise on. I'm afraid I have no choise but to return the equipment while I can still get my money back. TP-Link, this is a huge security gap, it shouldn't have taken you over a year's time to simply "forward the request to the development team for evaluation"... MFA has been an essential feature in online security for several years now, and for a major company operating in this field it shouldn't have taken this long to get onboard.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Dear @whoisbotsman,
whoisbotsman wrote
Would you be able to provide an ETA for the 5.0 release and confirm the MFA feature is getting added into it?
For your reference, the ETA for the Omada SDN Controller v5.0 that supports 2FA is around October 2021.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 10
Views: 17199
Replies: 54