@SwiftOnSecurity you ever wish you worked for Okta...

@SwiftOnSecurity you ever wish you worked for Okta and could just... turn on false SMS verification for all users... just to catch this behavior? (as a massive network telescope)

"sure, SMS is on, want to try it?"

and it might actually text the user a real code, but emails them / alerts their SOC going "uh... remember when you turned on 'fake 2fa'? someone's swapped your number"

Like 11 January at 10:43 | Wall-to-wall | Open on tech.lgbt