|
|
|
|
|
|
by reaperman
1031 days ago
|
|
|
To be clear, Shibboleth is often self-hosted and usually the grey-beards understand how to maintain it. It's been around a long time and is very stable/robust and at least as unlikely to fail as Duo/Cisco (which are overall fairly robust with rare enough breaking failures). OTOH, rolling their own 2FA would likely create points of failure that rear their ugly head more often, not less often. Shibboleth is kind of an outlier here, due to its age/maturity and position as a very old-school piece of foundational tech that got implemented when academic IT salaries were quite a bit easier to live on than they are today. The disparity between tech salaries in academic institutions and FAANG/SaaS corps has grown immensely in the past 20 years. Most of the people who do the real work at academic institutions have been employed there for 25-40 years. Most of the young people can't stick around for long because they need to earn more money to build a stable life. |
|
|