Security is a top priority, and we’ve been paying close attention to the community discussions around it. One point that came up repeatedly is that essential security features shouldn’t be locked behind a paywall. I hear you, and agree.
That’s why we’re making our MFA module free to all FreePBX users. This is a step toward ensuring that every system- big or small, has access to basic protections without extra cost.
That said, Free MFA will be rolling out soon, and as part of an internal process requirement, a formal notification was sent to our distribution partners last week, and we can expect this change to take effect on or before April 1st. In the meantime, if there are other security related changes you think we should consider, I’d love to hear your thoughts!
Thanks for being part of this community and helping shape the future of FreePBX
This was my thought as well; TOTP is super easy to implement and could be added to framework very easily. Failing that, providing proper hooks so others can create open source authentication modules would be nice.
Indeed. Whatever the type of FreePBX server, Sangoma needs to protect their products commercial or not.
MFA installed by default and free is smart and it makes sense.