Brian_B
So, due to a rise in phishing attacks at work, they have implemented a new protocol on MS Exchange.
I have to sign into my devices every week. And have a "strong" password that must be changed every 2 months.
Ok, that doesn't sound too bad. I have very strong, random passwords in a Manager. I have long since lost the ability to remember various passwords since password sharing became an official "bad idea".
I go to paste in my 18-character completely gibberish very strong password... for my security, they will not allow me to Paste into the password field.
...
Ok, so I type in all 18 characters of random gibberish, resembling a Windows Installation Product Key.
It sends me a 2FA code to my Microsoft app. Which is signed in with this same account, on the same device.
So, the Authentication app now needs me to renew my login as well. Once a week. And I can't paste it in either.
...
So I get that logged in. The Authenticator app now pops up Biometrics. Ok, great now maybe it won't need my password again. Just enter my PIN number to enable biometrics.
Now I get the 2FA code.
Now I can enter the 2FA code back into the email client, and get my email.
Our email is now protected by two Strong-enforced password fields which must be manually entered, 2FA, biometrics, and a device PIN code.
All of this will definitely prevent me from clicking phishing links, because I will torch the entire MFing email system down and just shift everything over to Signal (which is good enough for the Military) if I seriously have to go through this every single week.