I remember when 2FA meant a text message and nothing else

Back in 2014 I worked at a small office where the only security we had was a simple password that never changed. Then we got hit with a phishing attack that cost us about $3,000 in fake invoices. After that my boss finally let me set up two-factor authentication for everyone. At first people complained about the extra step but within a year it cut our security incidents down to zero. Now every site wants you to use an authenticator app or a hardware key and I think that's a good thing. Has anyone else seen their workplace push back on adding extra security layers?

2 comments

2 Comments

hugo_coleman284d ago

Fake invoices and a boss who finally listened, sounds like a pretty cheap security audit if you ask me.

gray_smith674d ago

A fake invoice audit probably caught more than most real ones do, since the boss was actually paying attention for once. The cheap price just means the auditor didn't waste money on fancy reports nobody reads. Sounds like the company got its money's worth and then some.