Multifactor lets you share access to accounts securely without exposing passwords. Use links like Google Docs to grant access. Import from LastPass, Apple, or Google with one click. Let AI agents log in and take action with your permission.
No reviews yetBe the first to leave a review for Multifactor
Setapp — Grow, and monetize your app with unified AI gateway
Grow, and monetize your app with unified AI gateway
Promoted
Can I use this to set policy about the types of things my EA is allowed to do across all my accounts (e.g. view my account balances / information across all my financial accounts) without having to share credentials individually? Having her constantly need to ask for permissions for a specific account I forgot has been a real pain.
@jordan_chetty Yes! This is the exact kind of use case we know that this assists with! You can happily share a list of your accounts with your EA, each with fine-grained permissions, and they can use those accounts subject to the rules you placed on them. Also, you can see all the actions taken by the EA after the fact with our auditing feature. This way you know who/what/when/where/how your accounts have been used!
Report
Congrats! With Lastpass, I'm able to share my login details with multiple people at the same time (1 to many). Is it possible to do the same with Multifactor?
@thiagodecarvalho You can share with as many people as you'd like by adding their emails in the account sharing menu. In the future, we will also allow you to create groups and folders for sharing. Also, these groups/folders (or individual shares) can be given the exact level of permissions that you specify :)
Report
Hi Multifactor seems super cool! I would love to be able to share credentials in an easy and fine-grained way.
However, I had problems getting it working. Maybe it's just user error, which is why I am posting here. I installed Multimodal on both my iphone and Macbook and had the same problems with both.
The "copy" button next to the password doesn't work. UPDATE: I think it is supposed to create a checkpoint link, but when it cannot (for X/Twitter and Facebook in my case), there is no error and the copy buffer just keeps whatever was last in it. (You can make the password visible and then manually retype it, but that also defeats the purpose of not sharing passwords.)
The two accounts I tried to share with a friend (X/Twitter and Facebook) would not let me share. The sharing screen gave me an error, "This service can't be used with Checkpoint yet". How can I find which services are fully integrated today, so I don't waste time setting up servces that are not integrated?
I wanted to share an account on a different app (Copper CRM) but search could not find it, so I assume it is not integrated at all.
I hope you can guide me on using Multifactor correctly and productively. Thanks,
Jean
Report
Congrats on the launch this is really solid!
I noticed your product likely needs developer-facing onboarding or API documentation as you scale.
If you're still refining your docs / quickstart flow, I specialize in making integration steps clearer so devs can get started faster.
If helpful, I can review your current documentation or setup flow and send back clarity suggestions. No pitch just useful developer experience feedback.
Report
I wanted to use it, but it started with a bug that prevented using a passkey. Then, when I tried to import from LastPass, it gave me an error saying it couldn't do it now. So, the only option is to do it manually. Despite all this, I still haven't used the platform.
@roozbehfirouz Yes! We can share fully programmatic access to accounts: one time use links, links that work for a day, etc. on top of the other fine-grained controls.
Report
Congrats on the launch. How’s this different from 1Password’s shared vaults or Dashlane’s Teams plan?
@zerotox@yuzulele09 Sure, there's a few differences. The biggest is that existing shared vaults revolve mostly around directly sharing account credentials. By contrast, Multifactor lets you share any online account with humans or AI agents just by sending a link, without ever actually sharing the underlying credentials.
This means that unlike password sharing, you can and instantly revoke access (no need to rotate credentials) and not worry about anyone still being logged in to your account in the background. You can also enforce fine-grained access controls that control exactly how people use accounts that are shared with them. Happy to provide details, let me know if you have any further questions about how it works :)
Report
@zerotox@yuzulele09@viveknair How would you revoke access if the site your trying to login to uses stateless (jwt) authentication which is time based though? just asking technically. for example ph which i think may be stateless, each api call is verified with the attached bearer token, in esense, you are obtaining that token and storing it in your proxy?
@zerotox@yuzulele09@rishiuttamhk Great question! When accessing an account through Checkpoint, cookies (including authentication tokens) aren't stored on the recipient's device in plaintext. Instead, they're encrypted and then securely decrypted inside a trusted execution environment within the Checkpoint service. As soon as access is revoked, Multifactor will refuse to decrypt cookies for that account, ensuring access revocations take instant effect, even if recipients are already logged in.
Can I use this to set policy about the types of things my EA is allowed to do across all my accounts (e.g. view my account balances / information across all my financial accounts) without having to share credentials individually? Having her constantly need to ask for permissions for a specific account I forgot has been a real pain.
Multifactor
@jordan_chetty Yes! This is the exact kind of use case we know that this assists with! You can happily share a list of your accounts with your EA, each with fine-grained permissions, and they can use those accounts subject to the rules you placed on them. Also, you can see all the actions taken by the EA after the fact with our auditing feature. This way you know who/what/when/where/how your accounts have been used!
Congrats! With Lastpass, I'm able to share my login details with multiple people at the same time (1 to many). Is it possible to do the same with Multifactor?
Multifactor
@thiagodecarvalho You can share with as many people as you'd like by adding their emails in the account sharing menu. In the future, we will also allow you to create groups and folders for sharing. Also, these groups/folders (or individual shares) can be given the exact level of permissions that you specify :)
Hi Multifactor seems super cool! I would love to be able to share credentials in an easy and fine-grained way.
However, I had problems getting it working. Maybe it's just user error, which is why I am posting here. I installed Multimodal on both my iphone and Macbook and had the same problems with both.
The "copy" button next to the password doesn't work. UPDATE: I think it is supposed to create a checkpoint link, but when it cannot (for X/Twitter and Facebook in my case), there is no error and the copy buffer just keeps whatever was last in it. (You can make the password visible and then manually retype it, but that also defeats the purpose of not sharing passwords.)
The two accounts I tried to share with a friend (X/Twitter and Facebook) would not let me share. The sharing screen gave me an error, "This service can't be used with Checkpoint yet". How can I find which services are fully integrated today, so I don't waste time setting up servces that are not integrated?
I wanted to share an account on a different app (Copper CRM) but search could not find it, so I assume it is not integrated at all.
I hope you can guide me on using Multifactor correctly and productively. Thanks,
Jean
I wanted to use it, but it started with a bug that prevented using a passkey. Then, when I tried to import from LastPass, it gave me an error saying it couldn't do it now. So, the only option is to do it manually. Despite all this, I still haven't used the platform.
Sellkit
That’s clever. Congrats! Does it support temporary or expiring access links too?
Multifactor
@roozbehfirouz Yes! We can share fully programmatic access to accounts: one time use links, links that work for a day, etc. on top of the other fine-grained controls.
Congrats on the launch. How’s this different from 1Password’s shared vaults or Dashlane’s Teams plan?
@zerotox also curious here
Multifactor
@zerotox @yuzulele09 Sure, there's a few differences. The biggest is that existing shared vaults revolve mostly around directly sharing account credentials. By contrast, Multifactor lets you share any online account with humans or AI agents just by sending a link, without ever actually sharing the underlying credentials.
This means that unlike password sharing, you can and instantly revoke access (no need to rotate credentials) and not worry about anyone still being logged in to your account in the background. You can also enforce fine-grained access controls that control exactly how people use accounts that are shared with them. Happy to provide details, let me know if you have any further questions about how it works :)
@zerotox @yuzulele09 @viveknair How would you revoke access if the site your trying to login to uses stateless (jwt) authentication which is time based though? just asking technically. for example ph which i think may be stateless, each api call is verified with the attached bearer token, in esense, you are obtaining that token and storing it in your proxy?
Multifactor
@zerotox @yuzulele09 @rishiuttamhk Great question! When accessing an account through Checkpoint, cookies (including authentication tokens) aren't stored on the recipient's device in plaintext. Instead, they're encrypted and then securely decrypted inside a trusted execution environment within the Checkpoint service. As soon as access is revoked, Multifactor will refuse to decrypt cookies for that account, ensuring access revocations take instant effect, even if recipients are already logged in.