moderated Re: Wording to disable two-factor (2FA) #suggestion


Jeff Smith
 

Well if you must, I will repeat the reasons here what I said is wrong with your ideas in the Group_Help.

Microsoft and Facebook are the two crappiest examples of security or common sense. If you prefer those, that is why I said you do not want security.

"whoever is entering the password has already passed two-factor authentication"
Obviously a false assumption. You left out all the ways the intruder has either found the computer unattended or had a remote access to their screen. Just last month my client literally had this exact problem, where the intruder had snuck into his office. They had obtained all the passwords they wanted, but they would not have gotten the login on there home computer because they would not have the 2FA. Obviously they would have simply disabled his 2FA since they did have his password.

Join main@beta.groups.io to automatically receive all group messages.