FreeRADIUS is completely scalable and supports both large and small user databases. Because it doesn't take up a lot of server resources, FreeRADIUS is well-suited for organizations with small budgets (it's in the name!) and limited networking hardware. While there is a port of it for Windows, FreeRADIUS is native to Linux so that would be a limitation for many companies who don't use it.
It is supported by virtually all cloud-based software applications for business. I am happy to allow users to use this in addition to other authenticators. Certainly, if your business is in the Google cloud it makes sense, but my approach to the remote/virtual work world these past couple of years has been structured flexibility. Leaving some choice up to the users for their own comfort, particularly when they are using their own devices. I cannot think of a scenario where it is less appropriate - perhaps where you run the risk of "app sprawl". I.e., where you are requiring users to handle multiple authenticators (which can happen with certain pieces of hardware) you may want to encourage consolidation into one to avoid frustration.
I once performed a factory reset of my smartphone which had Google Authenticator. I didn't have a backup for the device. When I restored my phone with the same google account, I was not able to restore the authenticator app settings. I had to add all the keys back into the app to use it. This is cumbersome, but I understand it is set up this way for security reasons.
I don't like the ease with which it lets you delete a key. If I accidentally delete a key, I am doomed to get my 2FA key reset, unless I still have the QR code saved somewhere.
I have not faced any technical challenge personally using this application. It's very lightweight and doesn't require many system resources on your mobile device.
I have found Google’s support to be hit or miss. There are times when they are very responsive, and I get my issue resolved quickly, and there are times where a response from them takes weeks. There is no in-between. But my support experience with this particular product is nonexistent because I have not had a problem with it yet. Hopefully, we do not have any problems with it either.
We deploy Google Authenticator in residential and non-managed client scenarios. Google Authenticator can perform the basic functions needed for multi-factor authentication but lacks the more advanced features of solutions like Cisco's Secure Access by Duo. Google Authenticator is our go-to solution for anyone ready to increase their security but struggling to find the necessary technology budget.
We previously used Microsoft Network Policy Server for our RADIUS authentication which works ok but was pretty clunky and requires Windows Server. Switching to FreeRADIUS brought our cost down to zero.
Because FreeRADIUS works natively in Linux it's easy to setup and works with all distros.
FreeRADIUS allows us to have user authentication for wifi which is much more secure than a simple shared password solution.
More secure data = less worried about a data breach.
Takes longer to log in, and if I don't have my phone then I have to go looking for it, so it really makes it so that you can't be without your phone, which in certain instances is annoying or not possible and can hold up work time.
Everyone is willing to use the same program because everyone likes Google—makes it easier to manage.
