I'm new to my organization and facing some challenges with password management for our blue collar workers who use shared computers. Given that our IT department is understaffed and our budget is significantly lower than that of similar companies, I'm looking for effective ways to improve the security of user logins and streamline the password reset process. Currently, workers log in with a username and password, but there's no multi-factor authentication (MFA) because most don't have company phones and often refuse to use their personal phones. When someone forgets their password, they have to go through their supervisor to get it reset, which adds unnecessary stress and workload for supervisors. What are some practical options to enhance security and simplify password management under these constraints?
5 Answers
If hardware tokens aren't an option, could you look into delegating the password resets to the supervisors directly? That could save a lot of time for everyone involved.
You could consider a setup where you provision old smartphones specifically for this purpose. That way, they can generate MFA codes and self-service password resets without too much hassle.
Have you thought about utilizing old smartphones with authentication apps like Microsoft Authenticator? They just need Wi-Fi and can provide a good 2FA option.
You might want to consider using hardware tokens like YubiKeys. They provide MFA without requiring expensive ongoing phone plans, which could fit your budget constraints better.
YubiKeys or something similar could definitely help, especially for on-site access. The important part is making sure your setup supports them well.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures