Comment by bux93
2 days ago
I mentioned MFA because 11.6 says to change "authentication credentials", but with MFA that could mean both factors or either. So key rotation without changing the "what you know" factor would arguably also satisfy the requirement; the term 'credentials' is not defined, and especially not defined in relation to MFA.
No comments yet
Contribute on Hacker News ↗