I’ve been going through updating all of my accounts (passwords, 2FA, etc.), and I’ve noticed that there are a lot of sites that don’t offer any form of MFA.
I can understand smaller services that might not have the bandwidth, but surely larger organisations are able to get this setup?
You must log in or register to comment.
its not even about bandwidth… its about cost to implement over the risk to not implement.
the big big buys have implemented as they helped define the mfa processes we all use. the new, smaller players have implemented because there are easy to implement libraries/services all over (for example, my tiny fediverse instance offers mfa)
the middle tier just havent gotten around to it, or do not see a direct benefit to doing so.