> Guess the average strength of an employee password!
It is interesting how sometimes creating "more secure" measures results on less security. Our IT department decided that using 2fa for vpn is not enough, we should also extra 2fa for connecting to the webmail even through intranet or vpn. Guess who stopped using the vpn.
Meanwhile, one can set up and use our email through any email client app on desktop or mobile without any 2fa at any step. Go figure.
It is interesting how sometimes creating "more secure" measures results on less security. Our IT department decided that using 2fa for vpn is not enough, we should also extra 2fa for connecting to the webmail even through intranet or vpn. Guess who stopped using the vpn.
Meanwhile, one can set up and use our email through any email client app on desktop or mobile without any 2fa at any step. Go figure.