6·
7 months agoA couple of notes on COBRA, the cost is because you’re (usually) losing the amount your employer pays toward health insurance, plus the administrator charges a percent on top to administer the program. So the cost will definitely depend on which plan you already have and how much the employer pays.
With COBRA you’ll be locked into your current plan, but should have the opportunity to change plans when the employer goes through annual/open enrollment.
Another thing to note is that you’ll keep access to any HSA accounts you have (this is money you and/or your employer has put in an account.). You will lose access to any FSA balance you have, unless you elect it while electing COBRA.
Security through obscurity is not security.
Additionally, any method that generates a code locally that needs to match the server will not be secure if you can extract the key used locally. Yes you can argue that more users makes a juicier target, but I’d argue that Microsoft has the resources spend reducing the chance of an exploit and the resources to fix it fairly quickly. Much more so than any brand new team.
The default authentication option for the company I work for is that a code is displayed in the screen of the device I’m logging into AND a push notification is sent to the Authenticator app, the app then prompts me to enter the code from authenticating device. To break that you’d need the username, password, a clone of the phone/device used to authenticate (or the original), and the user’s PIN for that device (MS Authenticator requires this to complete the authentication.)
Yes MS Authentication services do sometimes go down, and yea it can impact my ability to work
I am by no means a MS fanatic, but I’d trust them for mission critical authentication over something like Authy.