Login and Access Security - What are our options

With recent data breaches in our industry, I need to urgently secure Mautic.
Mautic as it stands does not comply with any cybersecurity insurance policies.

What options do we have within Mautic to limit brute force attacks and broadly speaking implement a 2FA login process?

Be very happy with something basic such as an email/SMS code,
followed up by social only login and lately an authenticator such as Google Authenticator.

Google authenticators being powerful but a big user barrier, and a lot of config / user support.

Only protection I have is the firewall/Cloudflare and users being smart about their passwords.
LastPass breach has all but made the smart passwords rule reliable.

As far as I know there is no reliable solution / plugin.
I would chip in if you come up with something.
The Google Authenticator plugin no longer works, although it was fine for years.

Hey mate

Have you successfully played with the SAML SSO?
Haven’t found the best documentation online for this

Got Keycloak up and running

The SAML docs are rather thin tho

Stuck on generating the XML meta file as my Mautic nginx setup keeps redirecting to the dashboard

Can’t find any tutorials or examples of what this metadata.xml is meant to look like for manual config

No, I just wanted to do 2FA as step 1.