Reply to post: Re: @AC (and @ShelLuser)

2FA? We've heard of it: White hats weirded out by lack of account security in enterprise

J. Cook Silver badge
Boffin

Re: @AC (and @ShelLuser)

We have users lock themselves out all the time at [RedactedCo]; they log in on a different workstation using one password, forget to log out of it, log in on a different workstation, change their password, and wonder why they keep getting locked out regularly.

as far as escalating timeouts, the built-in mechanism for Active Directory that handles lockouts only gives a threshold (# of bad passwords in a certain time period) and a duration of lockout that has to occur before it automatically unlocks you.

We've looked at a couple self-service applications, but a lot of them want to install a GINA on every single machine in the environment, and some others are... dodgy at best.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon