I work in computer security and have seen a couple of websites which require 2FA on the surface, but do not actually check for the token, or offer a 'remember me' option which bypasses the 2FA. Businesses are more worried about the user experience (usability) than making the applications secure. They miss the point that if you get hacked, people definitely won't be using the website...
You are viewing a single comment's thread from:
Yes. A false sense of security or a way to avoid blame when they are hacked. "We had 2FA."