corporate newsletter email bullshit:
October Is National Cybersecurity Awareness Month!
AND YET THE 2FA WE USE HAS A SECURITY QUESTION AS A REQUIRED SECOND FUCKING FACTOR YOU IDIOTS
@mdszy have they looked at Duo? b/c Duo is kinda neat.
@ischade we use Okta and it would be fine if a security question wasn't a REQUIRED FUCKING SECOND FACTOR
literally defeats the ENTIRE goddamn purpose if someone can just guess what my security question answer is and then boom i'm fucked none of my other factors even exist anymore
@mdszy Yeah... know that feeling 😑
My favorite is an AV console I've used that has a password, and then a second password, BUT they spice it up into being "two-factor" by making you enter random letters of the second password instead of the full password. E.g., the 1st and 5th letter, or the 2nd and 4th letter, etc.
I generously call it one-and-a-half factor authentication 😝
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!