top | item 42853776

(no title)

tkems | 1 year ago

I was shocked when I purchased a domain recently on GoDaddy (I normally use Cloudflare or AWS) and noticed that they have an 'upsell' with more security options (MFA and some other features) for something like $10/yr. Why wouldn't they want their customers to be more secure by default? To me it just reeks of money-grabbing for people that are none the wiser.

discuss

grajaganDev|1 year ago

It is outrageous and irresponsible to charge for MFA.

It show a cavalier attitude toward the greater security of the internet.

Terretta|1 year ago

Same for OIDC (and even traditional SAML SSO).

If every stolen or potentially stolen credential was billed to the breached provider at even $100/account*, SSO would become free so fast your head would spin.

Every credential in the provider's DB would be correctly seen as a liability.

* Arguably the number should be higher and contribute to a infosec response, detection, and preventative measures warchest. Though, ultimately, this would probably just enrich cybersecurity insurance firms.

philsnow|1 year ago

Not exactly the same but this reeks of https://sso.tax.

fastball|1 year ago

Why did you purchase a domain on GoDaddy if you know better?