ilogsafe.com

What it is

iLogSafe is an identity authentication and access-security SaaS product for lawyers and businesses. Its core website messaging is “Cybersecurity for lawyers.” It aims to address common law-firm pain points such as password fatigue, OTP/Push MFA being bypassed by real-time phishing proxies, leakage of sensitive client files, and the resulting professional liability risks. The product positions its passwordless, device-bound iLogSafe codes as a replacement for, or add-on to, traditional login methods, protecting key accounts such as Google Workspace, Microsoft 365, email, cloud storage, finance, and billing systems.

Core capabilities and compliance

In terms of protection types, iLogSafe covers anti-phishing, anti-account takeover, anti-forgery, MFA bypass protection, and man-in-the-middle proxy protection. The website states that its login codes are bound to trusted devices, so even if a code is intercepted by proxies such as Evilginx or Modlishka, a remote attacker cannot directly gain unauthorized access. For deployment, it is offered as a turnkey SaaS and claims federated identity and Single Sign-On capabilities. In other words, it can act as an enhancement layer on top of existing passwords, MFA, or cloud-application login systems, rather than fully replacing all existing technologies.

On compliance, the website explicitly claims NIST AAL-3, says it is Fully CJIS compliant, and also mentions scenarios such as FFIEC, HIPAA, CJIS, and PCI. However, the collected text does not show third-party audit reports, certificate numbers, or the applicable boundaries of compliance, so these should be treated as vendor claims. Buyers should request supporting documentation before procurement.

Pricing and usability

Pricing information is limited. The available materials only mention Free Trial, Early Access, early bird discounts, and a “more than $150 value package”; there are no public plans, user limits, renewal prices, or SLA details. The usability pitch is clearer: it reduces the burden of remembering and managing multiple passwords, and after one-time setup it can be used across multiple accounts. It also emphasizes that offline backup keys are controlled by the user rather than relying on cloud sync. For solo lawyers and small law firms, this low-operations, add-on style approach is attractive.

Pros, cons, and who it’s for

Its strengths are a clear vertical focus and direct relevance to the legal industry’s concerns around data breaches, client trust, and malpractice risk. It also supports SSO, federated identity, and mainstream office-suite scenarios. The downsides are the lack of public information on technical white papers, actual integration lists, admin alerts, log auditing, administrator console features, and similar operational details. Early user feedback is also no substitute for larger-scale case studies.

It is better suited to solo lawyers, small law firms without dedicated security teams, and businesses that want to strengthen phishing resistance for critical cloud accounts. For larger organizations, key evaluation points should still include directory-service integration, audit trails, emergency recovery, compliance evidence, and support responsiveness.

Access from China and alternatives

The website does not disclose information on access from China, RMB payments, invoices, or local support, so practical usability is unknown. Chinese users should also test network connectivity, the stability of email/SSO callbacks, and cross-border compliance requirements. Alternatives to consider include Okta, Duo, Microsoft Entra ID, Yubico, and Cloudflare Access. Local options include Alibaba Cloud IDaaS, Tencent Cloud identity security products, and BambooCloud IDaaS.