On Sat, Jan 12, 2013 at 11:28:04PM PST, Joseph Kern spake thusly: > How likely is the threat you are trying to mitigate?
I am seeing lots of cases where passwords were cracked, guessed, reset using the reset functionality of some service while knowing or guessing the answer to the "security" question etc. So I would say it is actually one of the more likely threats. Just yesterday my brother his email account compromised. Last week a colleague at work had his email account compromised via malware on his machine. 2FA likely would have prevented all of this. > Back to the technical side of things; if you have data that's important enough > for 2-factor auth, I bet you have ID cards for physical entry into your > premises. Most people would consider their personal email important enough for 2FA if they really understood how prevalent the threat is. Corporate data even more so. -- Tracy Reed _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
