Forums

Discuss all things Remember The Milk.

menu

Multifactor authentication

action.manager says:
RTM is my trusted GTD system; it contains a lot of personal/confidential information. I would trust it even more if RTM would use/allow multifactor authentication (a combination of something "I know" -my password- and something "I have" -unique physical item-).

Examples are the way LastPass uses the YubiKey/Grid, or Google's 2-Step Verification.

https://lastpass.com/support_faqs.php#yubikey
http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html
Posted at 7:50am on March 29, 2011
lucasvdhaven says:
Yes this would be awesome.

I vote for two factor authentication for RTM!

Thanks for reading.

Luuc
Posted 13 years ago
(closed account) says:
agreed YubiKey, Verisign VIP (the one PayPal uses), or Google Authenticator would be cool... but I'm having a hard time imagining putting anything into RTM that would need anything close to that level of security... not voting either way on this one yet
Posted 13 years ago
michiel.schok says:
Or we could use the new kid on the block using QR codes: TIQR. completely Open Source.

https://tiqr.org
Posted 13 years ago
(closed account) says:
+1 for 2 factor authentication possibly with Google Authenticator or SMS-texts.
Posted 10 years ago
koppah says:
Please add this!! As the original poster mentioned, I have a lot of personal information linked to my account.
Posted 10 years ago
keinech.tername says:
still no 2-step-verification? Come on!
Posted 8 years ago
docrea says:
Most definitely. This would make using RTM the default for me.
Posted 8 years ago
nedk says:
Please add two-factor authentication.
Posted 8 years ago
jo2sn says:
+1 for Google Authenticator.
Not that my shopping list is super secret, still want to keep it from malicious attempts.
Posted 8 years ago
andrewsnell says:
+1 for Google Authenticator and/or YubiKey OTP support.
Posted 8 years ago
(closed account) says:
Disappointed that there is still no multi factor authentication even in the year 2016! Using just a password is poor security nowadays. Not worth to loose all the tasks over a hack.
Posted 8 years ago
tomhall100 says:
+1 for Google Auth
Posted 8 years ago
(closed account) says:
+1
Posted 8 years ago
chris9140 says:
I vote for this. (RTM is the perfect app by the way - way ahead of the others)
Posted 7 years ago
charalew says:
We really need this now. Task list data is inherently personally sensitive and with the combination of greater computing power AND the greatly increased levels of hacking activity it's gone from being desirable to essential. ToodleDo has offered this for years as do most of the major Cloud Services e.g. DropBox, Google, Microsoft, PayPal, Amazon etc
Posted 7 years ago
charalew says:
Please add my vote...
Posted 7 years ago
(closed account) says:
+1
Posted 7 years ago
etairaz says:
It's 2017. Passwords are not considered a secured authentication mechanism anymore.
Guys, you really need to go ahead and allow MFA, like Google Authenticator
Posted 7 years ago
quantumghost says:
Please support U2F
Posted 7 years ago
(closed account) says:
Two-factor, please.
Posted 7 years ago
pauk.healey says:
+1 for Google Authenticator and/or YubiKey.
Posted 7 years ago
carlosleitao says:
Hi!

Respectfully, I do not understand why this subject is being discussed yet.

We all know how easy is to crack any service.
The only option to give us some safety (some!) is 2FA.

Please, Bob, prioritize this job for the next few months.

Or we are waiting for an attack to take action?
Posted 7 years ago
carlosleitao says:
Bob,

You there?
Posted 7 years ago
ikbenreinder says:
Would be awesome if RTM supported U2F. A fido U2F hardware key with Google Authenticator as a fallback would be the best implementation, in my opinion. The app as a fallback for browsers (such as Firefox) that don't have U2F built in (yet). I use a hardware U2F key from Yubico with my Gitlab account. It's really easy to use.
Posted 7 years ago
wattonen says:
+1 Google Auth
Posted 7 years ago
dcullen says:
+1 for two step authentication
Posted 7 years ago
wwoolrich says:
I'm with ikbenreinder. The Yubico U2F key is super easy. Please implement this.
Posted 7 years ago
(closed account) says:
RTM, please consider this feature...and soon.
Posted 6 years ago
zaoth says:
Please implement it!
Posted 6 years ago
andreas.fritz says:
+1 for 2 factor authentication
Posted 6 years ago
marco_cadonau says:
AWESOME - And we can login in other Computers and we don't have to think about... maybe they have recordet our password and can login.
Posted 6 years ago
marco.cadonau says:
Very IMPORTANT so keep my ToDo's save from others .... Please add this option as soon as possible. Thank you
Posted 6 years ago
(closed account) says:
This feature for such a tool is essential. And it was requested 7 years ago.
Posted 6 years ago
mweinhardt says:
two factor authentication would be very nice to have to provide added security
Posted 6 years ago
jjbiddinger says:
Hoping for this very soon!
Posted 6 years ago
(closed account) says:
we need this
Posted 6 years ago
squickel says:
OK, so go to the top of this thread. You've had requests for 2FA since 2011!! And the latest request was just 9 days ago. This really needs to be prioritized, especially with all the hacking going on around us.
Posted 6 years ago
ranbarton Power Poster says:
Two-factor, please and thank you.
Posted 6 years ago
brian.waismeyer says:
Any updates here? I mistakenly assumed RTM had 2FA and I'm sadly going to have to migrate without it. I don't put much sensitive stuff into my account, but I'm also uncomfortable with communication/tracking software that isn't 2FA protected as a rule of thumb.
Posted 6 years ago
dave.liao says:
Hopefully two-factor authentication is in the works? A lot of your competitors lack 2FA, so this would be a good differentiator.
Posted 6 years ago
zurbit says:
+1 for 2 factor authentication - thank you !
Posted 5 years ago
judydee2018 says:
Yes please please add 2FA would feel more comfortable recommending to others if it had this.

Presently my work around is to remove sensitive data and use abbreviations to replace personal info as much as poss but it’s a pain and far from 100% solution.

Posted 5 years ago
olsansky says:
Yes please add 2FA, I bet you've heard of Twillio!
Posted 5 years ago
beckerc4 says:
Please ad 2FA. Passwords are not enough.
Posted 5 years ago
andres.riancho says:
Please add 2FA!
Posted 5 years ago
(closed account) says:
Please, please add this...
Posted 5 years ago
m883022 says:
needed badly 2 factor authentication with a code texted to my cell number.
Posted 5 years ago
m883022 says:
needed badly 2 factor authentication with a code texted to my cell number.
Posted 5 years ago
m883022 says:
needed badly 2 factor authentication with a code texted to my cell number.
Posted 5 years ago
(closed account) says:
+1
Posted 5 years ago
(closed account) says:
Why didn't you implement this really important feature up to now? Tasks could be very personal, so additional security is key!
Posted 5 years ago
karloe says:
I'd like to use RTM with my team, but without 2FA it's a no-go. Any plans to implement it soon?
Posted 5 years ago
calvinyu says:
2FA is an essential feature for an app which would record very personal information. Please add 2FA.
Posted 4 years ago
wesrtm1 says:
Please add 2FA.
Posted 4 years ago
olsansky says:
Please add 2FA
Posted 4 years ago
drbunsen says:
+1 for Google Authenticator (which means TOTP - that is the simple protocol that Google Authenticator uses, but there are many more clients as this is an open standard)
Posted 4 years ago
m0urs says:
+1
One use case (besides general higher security): I am often working on site at different customers. Many of them do SSL termination at their proxy servers in order to be able to scan for malicious Internet traffic. Therefore they would be able to log user credentials and afterwards use these credentials to login to RTM. With 2FA enabled they still would not be able to login as they do not have the second factor.
Posted 4 years ago
ingovidual says:
The original Post is 9 years old and still no 2FA?
Posted 4 years ago
ksawie says:
+1 Need it for security policy of my company
Posted 4 years ago
iamjeffcohen says:
Yikes
Posted 4 years ago
larry.berson says:
I agree need this ASAP, this is the current standard for security, without it all our information is at risk
Posted 4 years ago
nyg8or says:
Another vote for MFA. This is very important.
Posted 4 years ago
lawwrence says:
Another vote for MFA. This feature is standard by now.
Posted 4 years ago
(closed account) says:
I am a new user to RTM. MFA is the one thing I miss from my old task management system. Because RTM does not have MFA, I’m choosing not to keep sensitive personal information in the system. It would be much more useful with MFA. Thank you for considering it!
Posted 4 years ago
ahirschmann says:
Especially granting RTM access to gmail and google drive services, MFA is a must! Please add this feature. Thank you.
Posted 4 years ago
ryangwu82 says:
+1 for MFA -- I'd feel a lot safer with this in place.
Posted 4 years ago
zehment says:
2 factor would be absolutly great!
Posted 4 years ago
axelmkl says:
+1 for MFA.
Posted 3 years ago
emalf13 says:
2FA is a MUST these day. Please can you implement.
Posted 3 years ago
testds says:
Please add 2FA. Please add 2FA urgently.

We're into 2021, it's not acceptable for a service like Remember The Milk, to not to have this type of standard protection.
Posted 3 years ago
pedersonjm says:
Please add 2FA/MFA with a Google Authenticator option(instead of SMS)
Posted 3 years ago
markwhitaker says:
TEN YEARS since this was first requested. That's a shameful neglect of your loyal paying users' security, RTM.
Posted 3 years ago
stenkate says:
These days 2FA is almost becoming a must in terms of security, so please implement one or multiple 2FA methos (e.g. sms, authenticator app).
Posted 3 years ago
ahirschmann says:
2FA should really be added by now. It's 2021. Love RTM, but please add 2FA as an option for users. Right now RTM presents itself as an attack vector for potential hackers by being one of the few services out there that doesn't offer 2FA.
Posted 3 years ago
(closed account) says:
I think 2FA is the trend for account security. Please add 2FA options for us. It's really important to keep our personal data safe.
Posted 3 years ago
zaoth says:
Lots of pro users have been asking for this for 10 years now - please look into it. So many other web services like Dropbox, Evernote, IFTTT and social networks offer this even for free users.
Posted 3 years ago
markhopwood says:
I really want MFA on this, especially as it has access to my Gmail through the add-on.
Posted 3 years ago
(closed account) says:
I agree that 2FA would be valuable, though I think we should steer clear of trying to "guilt" or "demand" features of the developers. They are busy with lots of requests and updates and they're doing a fantastic job with RTM. Let's make our requests known through these forums and then leave it to the development team to keep on developing at their discretion.
Posted 3 years ago
(closed account) says:
+1 for MFA.
Posted 3 years ago
redsunhat says:
Agreed, I also store data that is PII inside RTM . Would feel better knowing that add'l layer is present
Posted 3 years ago
dmather says:
+1 for MFA
Posted 3 years ago
beckerc4 says:
This is needed or I am going to have to go someplace else.
Posted 2 years ago
(closed account) says:
MUST have
Red Hat FreeOTP is... free !
Posted 2 years ago
tork.beavis says:
Re 2FA.
Really, devs. RTM is looking really out of date (Oct 2022) for a personal/work data app.

As time quickly moves on you're going to lose strong users & advocates like me if you don't have 2FA.

Come on, move with the times and put it to the top of the queue BEFORE A HACKER DOES and your competition squeals on you. That's hard to recover from.
Posted 2 years ago
fant says:
nowadays required for users with sensitive data ... and these can sometimes occur in a todo list ;-)
This request startet in 2011!

2FA highly requested - please put priority on this.
Posted 2 years ago
fant says:
BTW, can't find an answer or statement from your Team/Devs in this long comment-string... hm, what does could this mean
Posted 2 years ago
listliker2020 says:
Please implement the option for Two-Factor Authorization, at least for notifications when a password is changed. Knowing someone's current task, as in the things they are currently checking as complete, can give location information or at least signal whether or not someone is home. For example, marking as 'done' for items on a shopping list. This ties into personal safety.
Posted 1 year ago
(closed account) says:
Did already voted once for this one ! On todays world and security issues : O-B-V-I-O-U-S
Posted 1 year ago
jjansenaalten says:
Still no MFA? Please give some information, is it on your roadmap?
Posted 1 year ago
tork.beavis says:
First requested 11 years ago. Consistently requested as late as 6 months ago.
It’s very easy to implement as an option.

What is more important than your users’ personal and business data?

I have to wonder if you have some motive for NOT implementing MFA. It’s not the workload for sure. You stand to be sued with a class action lawsuit if your system is hacked and our data published.

Posted 1 year ago
kmkurn says:
More than 10 years requested and still nothing on the roadmap it seems. Time to consider migrating I guess!
Posted 1 year ago
manuel.studer says:
Definitely important this one.. make us a present rtm team. Your app is already important and awesome
Posted 1 year ago
atlamp says:
App is awesome and contains such sensitive data after so many years of use. Please consider prioritising this as a feature
Posted 1 year ago
hijack2323 says:
feature would be very nice
Posted 1 year ago
nwhuizen says:
MFA is quite essential to me, please prioritize this feature!
Posted 1 year ago
mrcombin says:
It time to do that! App without 2fa in 2k24 it is nonsense!
Posted 7 months ago
henrikba says:
Just adding a +1 here ;)
Posted 6 months ago
valdar729 says:
Please add in this feature. It's one of those things that if I don't have it within the next year I'll have to move over to a system that does (do to multiple scam attempts on my data from multiple sources). I've been a customer for 10+ years and I'd hate to move away for this reason.
Posted 5 months ago
michael.neuenfeldt says:
This is pretty basic to all robust online services at this point. Please add asap. Not having this means if you get hacked I get hacked.
Posted 12 weeks ago
kern3lly says:
Organizing work for a company in RTM is impossible if 2FA is missing. Please add it.
Posted 8 weeks ago
derekge says:
Adding my 2cents: please implement, the world is already moving on to passkeys.
Posted 19 days ago
Log in to post a reply.