|
|
|
|
|
|
by cratermoon
1356 days ago
|
|
|
Unless your company is in a high-risk security-sensitive business, they shouldn't. Most companies can accept the low risk of only requiring a second factor sometimes. Usually time-based, but also looking at location and device fingerprint. For example, if you normally log in from your laptop at work in one state and then it sees you trying to log in from a computer in another state (maybe you're visiting family?) it should definitely challenge you. |
|
|