We are an MSP and often have client users request help with passwords. Looking for ‘current’ guidance on effective ways to verify people are who they say they are. It used to be that calling them worked, but so much spoofing of phone numbers and emails anymore that doesn’t seem very effective.
Looking for what others are doing these days…
