Advanced, Deploy-Anywhere MFA with Unmatched Capabilities

SurePassID provides advanced, deploy-anywhere multi-factor authentication (MFA) that enables government agencies and covered entities to benefit from lowest total cost of ownership, unmatched MFA capabilities, and outstanding technical support.

SurePassID is easy to deploy and fully automated in the public cloud or air-gapped private clouds, and partly automated when deployed on-premise or within small air-gapped deployments, reducing or eliminating entirely the administrative burdens of maintenance, patching, scaling, and provisioning/deprovisioning users and tokens. We also offer the widest range of authentication methods and tokens for phishing-resistant MFA (FIDO2/WebAuthn) and non-phishing-resistant MFA (OATH HOTP/TOTP/OCRA), providing rapid compliance with Zero Trust, cyber liability insurance requirements, and government cybersecurity mandates.

With SurePassID, cybersecurity administrators can easily and cost-effectively add MFA to domain logins and web, mobile, and legacy applications. Our solution also addresses offline use cases where a connection to the SurePassID Authentication Server is not available, automatically falling back to a compliant HMAC-based one-time password (OATH HOTP) authentication method without any interruption to the user experience and while maintaining a complete individualized audit trail. In conjunction with hardware or software FIDO2 security keys, the result is a superior alternative to the costs and overhead of personal identity verification (PIV) or common access (CAC) cards, the only other form of phishing-resistant MFA.

As a right-sized solution, SurePassID delivers high extensibility, high scalability, and high availability no matter the size of the deployment. For private cloud and air-gapped private deployments, we leverage our advanced platform and Infrastructure-as-Code (IaC) in Microsoft Azure GCC/GCC High for 99.999% availability and on-demand, pay-for-what-you-use scalability. For small deployments, we leverage our same advanced platform and the lightweight redundancy achieved via Microsoft SQL Server and SQL Server Express. User access to mission-critical government operations is safeguarded with the same outstanding feature set.

Supported authentication protocols include Windows MFA with Offline 2FA with RDP; MacOS and Linux MFA (PAM) with SSH for Red Hat Enterprise Linux (RHEL), SUSE, Centos, and Ubuntu; RADIUS MFA for VPNs, firewalls, and network appliances; TACACS+ MFA with Cisco ISE for Cisco equipment; FreeRADIUS MFA; Lightweight Directory Access Protocol (LDAP) MFA; and Proxy Server MFA with NGINX.
Supported federation protocols include Single Sign-On (SSO); Active Directory Federated Services (ADFS); Security Assertion Markup Language 2.0 (SAML2) Identity Provider (IdP); Microsoft Office 365 IdP; OpenID Connect (OIDC) IdP; and LDAP IdP.
Supported directory service integrations include Microsoft Active Directory Sync and Live; SurePassID Directory (Microsoft SQL Server and SQL Server Express); LDAP; and Third Party (Workday, Oracle, SAP, IBM, etc.).