If your primary business is handling extremely sensitive information… you should probably force people into 2FA as standard procedure.
23 and me are far from the only company not doing that, though… mostly because they thing people will run away screaming to the lie competitors if they do.
Which, to be fair, is possibly true. People are dumb like that,
It’s not that hard to set up OTP 2FA. It’s actually fairly easy- I managed it on my private cloud server and home security/automation server.
Not really 23andMe’s fault if people don’t secure their accounts properly
I’m mixed on that score.
If your primary business is handling extremely sensitive information… you should probably force people into 2FA as standard procedure.
23 and me are far from the only company not doing that, though… mostly because they thing people will run away screaming to the lie competitors if they do.
Which, to be fair, is possibly true. People are dumb like that,
It’s not that hard to set up OTP 2FA. It’s actually fairly easy- I managed it on my private cloud server and home security/automation server.
This company should be sued/fined out of existence as an example to others.
They have 2fa but it’s optional
Bullshit. They have no limit on how many failed login attempts you can do.
You don’t need multiple failed logins if you have the email and password though
They could force 2FA if the login is coming from a new IP.
If Steam can do it, so can 23andme.