Guns are banned and there's a night guard with a Big Mag flashlight or a
billy club walking the beat around the bank, kicking a homeless man who
fell asleep on the sidewalk to tell him wake up or your pocket's going be
picked clean by morning, because you've got too much money in your name for
your own good anyways, if you've got any teeth left in your mouth or can
afford the dentist's bill for that.
On Saturday, July 2, 2022 12:15:09 AM AKDT, Marc wrote:
I have a small client whose insurance company insists they
have MFA for their email to be covered under some kind of data
protection policy. Currently I have the client set up on a Debian box
for the email server coupled with roundcube for webmail. Most the users
just use roundcube but some also use their mobile devices to check ...
The two factor became necessary for the big 'moron' companies
who decided to start using email addresses as logins so it was
easier to track people, because in that situation you only have
to try commonly used passwords or passwords used at a different
application.
If you stay with an username that is not published publicly,
the commonly known password is still useless, since you do not
have the username.
I think for a small organization you can push this
implementation at the insurance company. Unless of course they
do not think ios and windows are not secure enough to store your
username ;)
