Reply to post:

2FA? We've heard of it: White hats weirded out by lack of account security in enterprise

Dr. Mouse

I agree 2FA should be implemented by organisations, but getting the bean-counters to understand why it's so important is another matter.

The biggest push back I have seen to new security measures has always been from upper management.

I remember enforcing password strength, expiry and lockout rules in a previous job. While this had been clearly communicated (and had approval all the way from the top) I had to roll it back within a week because one of the directors kept getting locked out. As she was the wife of the MD, he got an ear full and graciously allowed the excrement to flow downhill to me.

That said, the same company had no antivirus when I started (in the late 2000s) and it took an infection to get them to take me seriously about implementing one...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon