If Your Users Can Log In, You Have a Security Flaw
Anyone genuinely serious about security must transcend the basics. Pundits will drone on about “reasonable” measures, but what is reasonable is hopelessly contextual. What do these run-of-the-mill experts, with their generic advice, know of our unique operational agonies? No, you must aim for fortress-grade, headache-inducing, frustration-guaranteed systems. The more passwords, the more secure the system. It’s simple mathematics. Mandate no fewer than seven passwords and three OTPs, each generated via a different “master password,” just to achieve a login prompt….