by bob-bot 1298 days ago
At my last company we used only virtual MFA, as it was easier to manage with a remote team. For Root MFA, we could easily enforce a 2-group action through a password manager: one group to obtain the password, the other to get the TOTP.

Before having the ability to apply both HW and virtual tokens per user, what did you do? Only use HW devices? Or just virtual?

What use cases do you have now for both at the same time?

1 comment

I am currently using only virtual. With IAM supporting only a single MFA per account, it created a huge risk to involve a HW token that could be lost.

I am transitioning many of my accounts (not just AWS) to hardware tokens and away from TOTP, but it is important to have > 1 token enrolled in case of loss.

Yeah, good point, nice to have a backup just in case. Thanks for sharing.