Is this common in non school settings? Our brand new tech guy is instituting this. I guess a positive is I will be less likely to check my work email.

_________________

We pointlessly started it in my non-school work last year.

I think it is common...not a big thing when it's working...press a button on your computer, then one on your phone

Is the 2 Factor Authorization to open an individual email, or to just open your email software (i.e. Outlook)?

_________________

We do not have it for Outlook on our phones, but there is special security software added to your phone to protect the company. We only use two factor when logging into our laptops outside company offices.

_________________
Hawaii (fuck) You

No two factor for email but an insane password requirement and the email closes after about 5 seconds of inactivity. Phone locks and have to start all over.

_________________

THe length requirement for passwords is insane. And we used to create a new one every 30 days. Thankfully they have backed off that 30 day thing.

_________________
"He is a loathsome, offensive brute
--yet I can't look away."

for some apps we have to have the microsoft authenticator app on our phone to approve our sign ins. given how many ransomware attacks occur i dont blame IT guys for requiring 2 factor

Yea i dealt w/ a lot of automotive suppliers who forced you to change it ever 30 days. And naturally it couldn't be one that you used previously. Like wtf.

we have it now as part of opening our network. outlook, etc. it's for all of it, through MS. it's real annoying.

I'm sure part of it is simply aging...but I could remember (and still do) a slew of phone numbers...all that space in my head is now occupied by fucking passwords

I hate passwords and I really hate having to change them

It gives me a false sense of security. That's good enough for me.

_________________
Be well

GO BEARS!!!

To answer your question...yes, it's common in the corporate world. Not specific to email, but we have to do it for all software on a daily basis.

_________________

it occurred to me what would happen if my phone got stolen/lost. I don't know anyone's phone # anymore. Like how would I contact anyone.

To open Gmail.

_________________

basic passwords + two factor is the only decent security these days. complex passwords dont work, as youre constantly forgetting them or they make you change them a lot.

i believe the next big craze is voice authentication. apparently its getting good enough they trust it as a password.

_________________
the world will always the world. your entire existence is defined by your response.

Sounds like something AI would be able to copy easily.

_________________

Is everyone's 2FA SMS-based or using some key-generating authenticator? I feel like the services I have that use a key-gen are super secure compared to SMS, but most big name services don't appear to use it.

yea i believe it. SMS i keep getting told is incredibly insecure. but many 2fa use it still. the auth apps seem very good, as they use tokens every signin. many services are jumping on board... i can use google auth app for nextcloud. works perfect.

_________________
the world will always the world. your entire existence is defined by your response.

222-2222

_________________

It's an insurance and customer-relationship thing.

To get Cybersecurity coverage, they require you to have it set. Many customers require that level of insurance coverage so you don't really have much choice.

That may not be all cases but those are the ones I've seen.

_________________
My Maserati does 186.

Yep. And it's another reason I wish we could abolish insurance.

_________________
the world will always the world. your entire existence is defined by your response.

I don't think he's talking about requiring scanning a QR code every individual email or other 2FA, it's a good idea tho: 99% of ransomware/malware/viruses enter networks/pc's via users opening emails and clicking on what they find inside. Google's AI algorithms for scanning email and filtering spam/viruses are no-contest the best; which is why everyone has dumped exchange for gmail or white-labeled gmail under their own domain.

passwords suck for sure. i try to squirrel them away in keepass and then use either the yubikey or some no-password-required alt method. but yubikey is the best, plug it it in your computer/device and unlock so many apps and websites automagically. i don't think carrying a hardware fob will ever be a mainstream thing, so it's relatively secure due to its obscurity (i.e., the hooker rifling through your shit while you're roofied on the hotel bed doesn't know to take it).

good thing to enable lock-screen lockdown on your android device and activate lockdown mode (no fp/face access) when in questionable company or as you're getting pulled over while muling meth across state lines:

cops can't force you to give up your pin or pattern in any jurisdiction--circuits are split on allowing LE to force your finger on your phone or wave it in front of your face to gain access, some say go ahead, and the rest are dubious that it's not a violation:

I see it as the same as you telling them you can't open your glovebox because it's locked. That's not an excuse. But if they have to destroy it to get in, they better find what they're suspecting.

_________________
the world will always the world. your entire existence is defined by your response.

And a lot of businesses which do business with the Feds are required to have similar types of processes.

_________________
"When people want their version of the truth, they go find it, no matter how baseless their beliefs." -- Ken Rosenthal

We went to it after our Epic systems went down for a few days a while back.

Microsoft office was also removed from all of our workstations and everything was removed from local and regional shared drives to a cloud based system only accessible via teams which requires access to email.

Regularly have to spend time showing people how to access email, quite a pain in the ass.

We also had to reinforce social media rules as most of the younger peeps were using the apps to share info instead of accessing internal two factor systems.

Have found the tech savvy people are usually two steps ahead of anything corporate tries to do to force peeps to read corporate emails.

Also have creepy patients stalking staff on social media, it's quite a thing if you work with the public, especially the criminal element we deal with on a daily basis.