I love/hate MFA security

Security
Security
security

As a professional I love it, but as a user I hate it.

MFA is the security that prompts you to confirm you are who you say you are on your phone/tablet/computer. However you set it up. It might even ask you to enter a number it sends you.

I am glad that companies are taking security more seriously by having this, but as the end user there are still plenty of flaws here. It does have its security issues as well, and other methods are still more secure.

This is really to acknowledge that this is a pain and IT people know it is a pain. No one wants to be challenged to do their job, and its not always a simple matter. It is not just typing in the code, it is is often that you have to authenticate to your phone before and sometimes after during this transaction. So something that was never an issue can take time that is frustrating to take multiple times per day.

I get it. Companies are working on more transparent and helpful ways to ensure security. The problem is that they can be costly, and or not realistic. For example at one company they used Yubikeys and while that was convent, it was a risk if they lose their key. There was also the time/expense of managing it, and ultimately they switched to Microsoft Authenticator which saved the company money.

Now as an IT admin, our security is even more through. In addition to using Microsoft authenticator, we also often have to use Okta Verify, a VPN and multiple levels of passwords. I am not complaining, but just explaining that we also have to do things we don’t want to do to keep the company safe. We do them because we have no choice. We must do this to keep a company safe.

See also  Ronnie Milsap - She Loves My Car

Its hard to hear when someone who only has to deal with one level of authentication complains. We understand, but be glad you don’t work in IT. Or fighting with authentication systems would be a significant and growing part of your work day experience.