moderated Re: Wording to disable two-factor (2FA) #suggestion


Bruce Bowman
 

On Tue, Nov 3, 2020 at 12:56 AM, Jeff Smith wrote:
"whoever is entering the password has already passed two-factor authentication"
Obviously a false assumption. You left out all the ways the intruder has either found the computer unattended or had a remote access to their screen.
Jeff -- It just seems to me, if you're the kind of person who does things like that, no amount of security questions or login factors is going to work.

Just last month my client literally had this exact problem, where the intruder had snuck into his office. They had obtained all the passwords they wanted, but they would not have gotten the login on there home computer because they would not have the 2FA.
Correct.

Obviously they would have simply disabled his 2FA since they did have his password.
Assuming they knew 2FA was in place and they had to do something to disable it [while they were sitting there in clandestine fashion] and had all the time in the world to figure all that out, yes.

What I'm seeing much more frequently in questions posed to GMF and Group_Help are from people who have lost their second factor and damaged a device or reset it to factory defaults and now need support help just to log in. It seems appropriate to weigh the likelihood of one against the other.

Regards,
Bruce

Join main@beta.groups.io to automatically receive all group messages.