LordPhantom (Mathew)Dec 2
Just heard someone say "I just need to grab the phone we use for 2 factor authentication". If you ever hear this, new IT management is required.
Show threadFKA ZOGDec 3
@LordPhantom so what is the industry best practice 2FA that is better than TOTP on a phone?
Show threadMyke-moved-to-a-new-instance. Link in Bio.
@zog @LordPhantom and/or dealing with providers that don't understand that more than one human may need to log in and manage an account.
Dec 3 at 3:49amWeb
Show threadLordPhantom (Mathew)Dec 3

@mWare @zog Yeah, for sure this drives me nutty at times. Thankfully those services are few these days.

I still wouldn't let a client of mine have a "shared MFA mobile", I'd just ensure all users who need access have the MFA setup.