top | item 37502201

(no title)

johngalt | 2 years ago

Mechanisms like this exist, but they probably aren't integrated into whatever system you are using, and delays which involve an approval workflow add a lot of overhead.

In most cases the engineering time is better spent pursuing phishing resistant MFA like FIDO2. Admin/Operations time is better spent ensuring that RBAC is as tight as possible along with separate admin vs user accounts.

discuss

No comments yet.