![]() ![]() Granted, after registration is complete, an actual MFA challenge should only ever be triggered when there is a problem detected with the sign-in, but still… there is something to be said for exceptions. That means even guest accounts, service accounts, emergency access accounts, etc. It is all or nothing, so when this gets turned on, it is turned on globally for all accounts. Now there is one big drawback: no exceptions are possible here. If it is not a convenient time, they can simply bypass the registration until they are ready to complete the process. Especially that 14-day on-ramp–customers love that option. Users with leaked credentials (found on dark web) will be blocked and required to change passwords. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |