Aside from having SSO, suggest having an extra layer like multi-factor authentication (MFA/2FA).
The users can access the platform without Single Sign On or AD integration but at least it can have additional authentication aside from password complexity.
If the users will login with the SSO or AD integration for additional authentication, it allows using the corporate MFA like Authenticator.
External users and native admin users should be protected using MFA. This should be a mandatory feature for any cloud based applications. Not sure why Absorb hasn't added this to the portal.
My company is hoping to have this added as well! We are wanting to offer training to our external partner companies through Absorb, and they wouldn't have SSO set up. MFA would be an added layer of security for their accounts.