Hacker News
by janfromdaito 1656 days ago
Any decent password manager nowadays allows sharing of 2FA tokens; it's not a technical problem, it's a managerial and staff training problem in non-tech industries. It is simply not enforced enough and there are still too many people who are not aware of the risks and cannot be bothered to be inconvenienced.

Disclosure: My company is offering a web-based 2FA authenticator (https://www.daito.io/) that explicitly is for sharing 2FA tokens, but not usernames+passwords, thus eliminating a single point of failure. I regularly have discussions about why and, sadly, why not people are using 2FA. There are tons of small businesses & mom+pop shops out there who are at risk.

I hope the guidance gets upgraded to a mandatory requirement (as some platforms do) sometime soon.