|
|
|
|
|
|
by omh
66 days ago
|
|
|
I'll take that bait ;-) IP filtering is a valuable factor for security. I know which IPs belong to my organisation and these can be a useful factor in allowing access. I've written rules which say that access should only be allowed when the client has both password and MFA and comes from a known IP address.
Why shouldn't I do that? And there are systems which only support single-factor (password) authentication so I've configured IP filtering as a second factor. I'd love them to have more options but pragmatically this works. |
|
|
I do understand the value of blocking unwanted networks/addresses, but that's a bit different problem space.