Cyberattacks nowadays are getting increasingly sophisticated and more frequent nowadays which makes me wonder what would the ramifications be if someone managed to get access to a Make admin account.
Right now, all that seems to stand in the way is an email and a password, and while the IT-savvy minded people here might create secure passwords, and enact 2FA, we no doubt have users/clients with Admin/Owner rights who may not create secure passwords or enact 2FA.
Most accounting software now requires mandatory 2FA, as do other softwares that hold crucial data.
The worrisome thing here is if Make connected to all these software, a bad player who gained access to a Make account, in a way would be bypassing all the 2FA requirements of each of those software and could wreak an unimaginable amount of havoc.
So the question begs to be said, should Make be enacting 2FA as a mandatory feature? SSO is good, but not everyone uses it, especially in smaller business settings.
It’d be nice to see Make also be proactive about user authentication, and enact all the latest developments around it.
What do you think? Keen to hear the community’s thoughts on this