So we use Team Viewer to access hundreds of computers in our organisation, as a result it has to be secure. We also use OKTA SSO (not Active Directory), to authneticate with 95% of our systems, this of course means that when someone leaves we can cut them off from everything in one click, however TeamViewer does not yet allow that. FYI LogMeIn does support SAML.
It's also worth pointing out that using Captcha can acutally make the login process less secure. The reason is that most security savvy people these days use SSO or a password manager, If you use one of these methods (and I recommend you do) while the browser is in that limbo state i.e. Password and username filled in but captcha waiting to be clicked, it is possible to Press F12, inspect the browser elements and view the password in clear text. Which of course a nefarious piece of malware could easily do.
As a fallback my company were hoping to use Secure Web Authentication (not as good as SSO) via OKTA and authenticate our IT support folks in that way, without giving them a password they would know, so that if someone left the company we could cut their access via our normal procedures. However because the Captcha stalls the process, the user (or another user) could discover that password. So now we have to deprovision that user in another system (TeamViewer) as well as our SSO system and a few others too. The ideal situation would be that TeamViewer did what most of the industry is now doing and provide SAML support, but while we wait for that I would love the option to disable that captcha thingy, at least on my own browsers.
At this point in the game, all major applications should start adopting SAML or other SSO technologies. It is a must when managing many applications and their permissions and identities