Ok, maybe that’s a bit dramatic. But for most companies with web services, the answer is a serious “yes” for ditching passwords for those services. Why is that? Let’s talk about how the typical external pentest might go.
Article Link: https://isc.sans.edu/diary/rss/23361