Quote:
Originally Posted by Peregrine
I work in IT. When the pandemic lockdown started in Ohio I had a few new users start. I did not enable MFA for them because we were remote and it was only 6 weeks so I figured I would wait til they were in the office to set it up for them. One week before we came back in the office, one of those users had their account compromised by someone in Bulgaria.
Luckily I had tools in place to recognize this right away and I shut it down in less then 10 minutes.
MFA prevents this. I am at work right now and was just doing an audit. (Hanging out here while I wait for some results). See attachment: this happens all day every day constantly. These are bots trying to compromise our accounts....
|
In an entirely different scene, I look at Wordfence reports on my Wordpress sites.
Those bots are relentless and legion. It is quite illustrative.
I pay for blocking all IPs from outside the USA on one site, and WordFence helps greatly.
Of course, many are via VPNs with US IPs, so they still register.
But very few come through.