Comment on Passwords and 2FA at a small business
catloaf@lemm.ee 6 months ago
The replacement cost for user devices isn’t high, for you it’s zero. At most it’s your time helping them reprovision the token. Or to the cost of a temporary other token, which you could keep stocked.
I set up MFA some years ago with yubikeys and authlite to protect AD, it wasn’t that expensive. We also did 365 auth to the Microsoft app on personal phones. We didn’t have any complaints there, but if we did we would have issued a token or something.
FriedSink@thelemmy.club 6 months ago
Assuming they replace their own phone you mean? There’s also productivity loss that we’d like to avoid. Temporary token stocked in what way?
I’m not familiar with AD so I’ll have to do some more research into it.
catloaf@lemm.ee 6 months ago
It depends on what you’re protecting and how. The token might be a yubikey or RSA token, for example. Whatever is supported by your MFA product. It could even be an old loaner cell phone with no cell service if the only method is an app.