Their analogy is from the perspective of an authorized user complaining about inconvenience, completely ignoring the things I was addressing (their statement that 2fa provides no benefit)
they said it provides no benefit to them…
and i get it - for some things, maybe you don’t need “all the security” … just “enough” of it.
for example; i might not need any lock on my laundry room door, i might choose a privacy lock on my toilet room door (no key required to unlock), but i will fit an additional a deadlock on the front door. each has a level of security that i deem to be appropriate.
they asserted their opinion about MFA as it pertained to them, not in general.
I’m not talking about appropriate security posture for a given individual though. I’m speaking specifically to their claim that it has provided “no benefit”, and that is a claim they cannot even prove. Whether the benefit is negligible, because the account(s) are unimportant to them, or massive, because they are dealing with financial institutions, is completely irrelevant to the veracity of the statement.
I find this line of argument especially ridiculous considering that they are apparently using MFA enough for it to be worth commenting about the nuisance. So either they are using it a lot, in many places, and definitely can’t back up a “no benefit” claim, or they’re using it very little and/or only for unimportant accounts, at which point their claim is saber rattling at best, and misleading to others at worst.
I just think it’s funny how this is literally my job and you think you know better xD
Your metaphor is garbage and makes no sense because you are providing the perspective of an authorized user while I’m speaking about attackers.
You think that because your house hasn’t been broken into that the locks are pointless. But it’s the locks that keep your house from being broken into
I literally have this conversation with dumbass leadership on a regular basis; how the absence of security compromise isn’t a reason to cut security, but rather proof that the security is working
Ok. Why don’t you try explaining how digital security works to the security professional some more. I’m sure you’ll convince me real soon 😜
I’m a security professional also, i don’t see the issue with their analogy?
Their analogy is from the perspective of an authorized user complaining about inconvenience, completely ignoring the things I was addressing (their statement that 2fa provides no benefit)
they said it provides no benefit to them… and i get it - for some things, maybe you don’t need “all the security” … just “enough” of it. for example; i might not need any lock on my laundry room door, i might choose a privacy lock on my toilet room door (no key required to unlock), but i will fit an additional a deadlock on the front door. each has a level of security that i deem to be appropriate. they asserted their opinion about MFA as it pertained to them, not in general.
I’m not talking about appropriate security posture for a given individual though. I’m speaking specifically to their claim that it has provided “no benefit”, and that is a claim they cannot even prove. Whether the benefit is negligible, because the account(s) are unimportant to them, or massive, because they are dealing with financial institutions, is completely irrelevant to the veracity of the statement.
I find this line of argument especially ridiculous considering that they are apparently using MFA enough for it to be worth commenting about the nuisance. So either they are using it a lot, in many places, and definitely can’t back up a “no benefit” claim, or they’re using it very little and/or only for unimportant accounts, at which point their claim is saber rattling at best, and misleading to others at worst.
And I’m the queen of France.
Oh shit im talking to a master hacker! How could I have been so foolish??
Nobody cares
I just think it’s funny how this is literally my job and you think you know better xD
Your metaphor is garbage and makes no sense because you are providing the perspective of an authorized user while I’m speaking about attackers.
You think that because your house hasn’t been broken into that the locks are pointless. But it’s the locks that keep your house from being broken into
I literally have this conversation with dumbass leadership on a regular basis; how the absence of security compromise isn’t a reason to cut security, but rather proof that the security is working
But go off, dude. You just look like a fool