For those of you who have successfully integrated Saaspass into your Sugar on demand instance, I'd appreciate some insight. I currently have it working successfully with 2 factor authentication in our development instance but it appears to still require an end-user to push the blue login button. Additionally, the option below the login screen that says "show form" allows you to completely bypass 2FA and allows you in with just your username and password again.
For those of you who have integrated Saaspass, how did you handle this? What else might I not be thinking of either on the Sugar side or the Saaspass side to make sure 2FA always works.
Also how did you secure your mobile sugar application?