SSO improves the customer experience: users log in once and can switch between contract overview, document area and claim reporting – without logging in again. This increases portal usage and reduces support requests related to login problems.
Keycloak supports various MFA methods: TOTP apps (Google/Microsoft Authenticator), passkeys and WebAuthn (fingerprint, Face ID), as well as SMS and email codes. loginfactor advises which methods are practical for your users – and configures the right balance of security and convenience.
Both are possible. Keycloak allows flexible MFA configurations: mandatory for everyone, optional as self-service, or depending on user groups. loginfactor advises which configuration fits your users and compliance requirements.
Keycloak supports OpenID Connect (OIDC) and SAML – which makes it possible to connect most modern applications. loginfactor supports you in setting up standard products and integrating OIDC into custom-built portals and apps.
Keycloak can log login events: successful and failed logins, timestamps and IP addresses. These logs can be used for compliance evidence. loginfactor runs Keycloak in EU-based data centers and supports GDPR-compliant configuration.
Yes. Keycloak provides standardized, proven security – tested and continuously improved. Custom-built login systems are error-prone and require ongoing maintenance. With Keycloak, you get MFA, password policies and session management from a single source. And if additional applications are added later, SSO is already prepared.
loginfactor supports different migration paths: batch import of all accounts with password-hash migration (customers keep their passwords) or step-by-step on-login migration without downtime. loginfactor plans attribute mapping, data cleansing and rollback strategies with you.
Keycloak is open source: full control over your data, no vendor lock-in, no dependency on non-EU providers. You can run Keycloak yourself at any time or switch providers – your configuration and data remain yours. loginfactor offers Managed Keycloak with the benefits of open source plus professional operations in EU-based data centers.
Keycloak runs reliably without you having to take care of operations. loginfactor handles security updates, monitoring and high availability – you focus on your core business. If problems arise, loginfactor reacts before you notice. Ideal for teams without dedicated IAM expertise.
loginfactor provides managed hosting with SLAs, consulting on MFA configuration and integrations, and support for connecting your portals. EU-based hosting and support in English and German are standard. For B2B scenarios like broker portals, we also provide self-service and delegated-admin extensions.
