Comment by beAbU
19 hours ago
Having people with that level of access without some form of two-person-control is already a sign of incompetence.
19 hours ago
Having people with that level of access without some form of two-person-control is already a sign of incompetence.
Twins can defeat two-person control (okay I know one of them was locked out).
You always have to be careful about overfitting to a specific scenario like "this but if they had also forgotten to lock out the other evil twin". I'd prefer a system that is robust to a malicious employee (more likely: compromise of an employee's credentials) but has a slight gap in the "evil twins" scenario over one that prevents all post-firing malicious access from twins but doesn't consider at all what happens if a current employee's credentials are compromised.
TFA: Twins Fucking Authenticate!
Maybe they did, but since they were twins...
This takes the whole "you must mean my evil twin" to an actual example. Maybe this is more "you must mean my other evil twin". Part of me really wishes their names were Daryl