MFA.

22 employees mapped against 8 production systems. 6 missing FIDO2 enrollment on at least one critical system. 2 admins still using SMS as their only second factor.

SMS MFA is one SIM-swap away from being no MFA.

MF-014 · S. Wong · GitHub admin SMS ONLY

No FIDO2, no TOTP. SMS only. Last login from new device 2025-11-04.

Enroll FIDO2 today, disable SMS fallback, audit recent logins.