Active Directory Single Sign-On
Single Sign-On, using your Active Directory credentials, is available for Windows PCs joined to the domain. When used, users are automatically authenticated to Active Directory and the Passwordstate web site, without the need for them to specify their username and password.
Manual Active Directory
If you prefer not to use Single Sign-On Active Directory Authentication method, you can choose to use Manual Active Directory Authentication, whereby the user must first manually authenticate using the site their AD username and password.
Duo Push Two-Factor
Make use of the leading cloud-based two-factor authentication solution, and choose Duo Security's Push Authentication - https://www.duosecurity.com/.
One-Time Password Tokens
Based on either the TOTP (Time-Based) or HOTP (Counter-Based) algorithms, you can use either hardware or software tokens for additional two-factor authentication.
ScramblePad Authentication works by assigning a Pin number to a user's account. When asked to authenticate, the user must match their pin number against a series of randomly generated letters.
Email and a Temporary Pin Code
When you first authenticate to Passwordstate, a temporary Pin Code can be emailed to an email address of your choice (could even be an SMS Gateway). The Pin Code is only active as long as the time period as specified by your Passwordstate Security Administrator(s).
SAML 2 Authentication
Passwordstate also supports SAML2 authenticator, with various SAML providers who support this standard. Providers such as https://www.okta.com/, https://www.onelogin.com/, or even Active Directory Federation Services (ADFS).
Integrate authentication with your existing RADIUS infrastructure as well. Based on the RADIUS Protocol, free RADIUS servers such as http://freeradius.org/ can be used, as well as many commercials ones.
If your preference is not to use the Active Directory Integrated authentication method, you can opt for Forms-Based authentication. With Forms-Based authentication, there is no reliance on AD at all, and users must supply username/password every time they wish to use Passwordstate.