by 38 Elements

With Sugar 2FA you get an extra layer of protection by adding 2-factor authentication to your SugarCRM. In this case, a potential attacker needs more than just your username and password credentials. Users do not need to remember any additional information; they just need to access the authentication app installed on their mobile phones and enter a temporary 6-digit security token as the second step of the login process.

Due to the high demand we have now added a support for Sugar On-Demand. Even if you are using SSO (single sign on) on your Sugar you will still be able to add 2-factor authentication to your Sugar authentication process.

Free 30 day trial
Try it Now

By clicking you consent to be contacted by the developer

A Google survey found that 65% of people use the same password for multiple online accounts. If users have more secure, system-generated passwords, chances are they will keep them somewhere publicly accessible. Cyber attackers can test billions of passwords (and counting) every second.

Why your SugarCRM needs it

If a data breach has not happened yet, it does not mean that it will never happen. Two-factor authentication is a proven way of securing online applications, adopted by all the leading software providers. Sugar 2FA enables you to stay in line with all the other major companies that implemented this way of additional protection.
SugarCRM 2FA protect sensitive data
Protect sensitive data

Companies that store and work with sensitive data are advised to lock everything more securely. Sugar 2FA protects your system by adding an additional layer of security.

SugarCRM 2FA widely accepted
Widely accepted​

The majority of online applications have 2-factor authentication implemented. With Sugar 2FA you can be like Google, Salesforce, Microsoft, Zoho, Slack, QuickBooks, Shopify, PayPal, MailChimp, Twitter, and Basecamp, to name a few.

SugarCRM 2FA credentials agnostic
Credentials agnostic

Sugar 2FA does not read, save, share, or send users’ credentials outside of the SugarCRM application. Credentials are checked using SugarCRM’s default methods for validating credentials. Sugar 2FA module does not send any piece of data from your SugarCRM to the outside world (except for license key validation).

SugarCRM 2FA software token
Software token factor

Sugar 2FA uses the most convenient and efficient way of adding a second layer of security: tokens generated on your mobile phone by free authentication app. Each user will be required to complete the configuration wizard for their authentication app. Users need to enter a token (6-digit code) generated by the app as part of their login process, after entering their credentials.

SugarCRM 2FA offline support
Offline support

Authentication apps generate time-based tokens for particular users. If you are working from an office with no internet access, the authentication app will still work since it does not require internet connection.

SugarCRM 2FA authentication app
Free mobile authentication apps

There are a number of authentication apps available for all types of mobile phones: ‘Google Authenticator’, ‘Microsoft Authenticator’, ‘LastPass Authenticator’, ‘Authy’. They are all free and trusted applications that can be used with Sugar 2FA. You can also use any other app (that supports generating time-based tokens) of your choice.


Sugar 2FA adds an extra layer of protection for your SugarCRM. Increase your SugarCRM security today with 2-factor authentication!

Increased security level of your SugarCRM 2FA applications for Android and iOS Unlimited number of users Supports SugarCRM 9.0+ and above Supports On-demand and On-premise installation


Sugar 2FA Login Screen

Sugar 2FA Configuration

Sugar 2FA QR Code

Sugar 2FA Enter Code

View Pricing
* Free 30 day trial
  • "Support has been first class, and the development team is open to new ideas. Highly recommended" - BradLohoar

    Read More Reviews