Quote:
Originally Posted by nighthawk700
Well, this will kill the reason I got my kids Fastmail accounts in a family account. I set up filters in their accounts so I get a copy of every email they send and receive so I can monitor their usage, then give them the restrictive password while I keep the master so they can't monkey around with the filters. I chose to do that rather than one of the "kids email services" since it seemed to be about the same functionality at a better cost and hey, they get to use my email domain name too. Sounds like after Aug I'll have to give them the master password to the account, and will have to trust they won't monkey around with the filters. (they are pretty bright about things like that).
(and it looks like the new security features won't work for me anyway... in my workplace I can't bring in a cell phone, nor insert a USB device. The parking lot is too far to run in and jump on my computer in the 60 second or so window discussed.)
Back to the drawing board. PROGRESS!! ;-)
|
Re: Kid's accounts -- I have something similar set up, but recognize that any smart kid can get around whatever limitations I set up -- not to mention, easily figure out a way to set up a Gmail account, thus blowing up any supervision I can have... so while I do have filters set up to forward email like you, as admin in a family account, I can always go into their account if needed and see what's going on. Yes, they could disable filters, send emails, delete evidence, re-enable filters... so they can get around this, but there's also an element of trust. I hope my relationship with them isn't distilled down to a game of trying to catch them. If that's the case, I think I'd have bigger issues at play. If they really want to get around my protections for them, they'll figure out a way anyway. So my focus is building a strong relationship with them, while still having a decent level of parental access if needed. Theoretically, if you had to have total retention, you could upgrade the whole family to a business account and use their tamper-proof business email retention service...
Re: office limitations of this new 2FA, technically, there is a way around your situation, which would be to use the old-style Yubikey, which doesn't have an expiration on the code... the issued authentication code technically only expires once the next code is issued. So you could use the old Yubikey method out in your car... then copy that manually once you get into your office... it would be a big hassle since it's a long code to copy down, but at least it would be feasible.