Two-factor authentication for admins¶

Website administrators use two-factor authentication? Yes / No

Team members, support personnel and other people with administrative access to the website use two-factor authentication.

Internet services often provide an administrative site or access in which the site managers perform in-house updates, edits and other support tasks. This kind of administrative access should be available only through two-factor authentication.

If the attacker compromises a password of a team member, the attacker should not be able to get into the administrative site. Furthermore, administrative access can be limited to VPN or other well-known (office) IPs.