Reply to post: Don't understand why people think it costs

2FA? We've heard of it: White hats weirded out by lack of account security in enterprise

Joe Harrison

Don't understand why people think it costs

We don't have many external-facing systems that matter, but when we implemented one recently we used TOTP (Time-based One-Time Password that is, not Top Of The Pops.) No licenses to buy it is all either free or Free software.

Many of us resist using our own phones for corporate stuff but for people who use Google Authenticator for everything anyway it was not really a hardship to add one more entry to its list. People who couldn't or didn't want to got shown how to install the Authenticator browser extension instead which is at least 1.75FA and better than nothing.

I take the point from @Caff above "what about the auditing costs" but we had to have it audited anyway no matter how many FA we put in.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon