I think corporations are just as worried about employee X willingly giving account info to employee Y, as they are about a malicious attack.
Of course the real fix for both scenarios is two-factor authentication. Not something that practically begs the user to either write their password down or append apr-11 to their normal password.
Of course the real fix for both scenarios is two-factor authentication. Not something that practically begs the user to either write their password down or append apr-11 to their normal password.