x

Critical: Multi-Factor and Two-Factor Authentication Need To Be Implemented

Civil Negligence:

"It is possible for a company to be held liable when the customer data stored within is hacked by an outside source. Even though the business has become the victim of a crime, it may still be accountable for the incident. This is due to the ability of the company to secure the information. Some organizations have poor security measures, and consumers are expecting these companies to ensure the data is safeguarded from the casual hacker. The customer feels the information has not been adequately protected." (emphasis my own; via hg.org)

<rant>

I've been on Weebly for years and have built multiple sites for customers who trust and depend on Weebly to protect their data, and now I'm shopping around for a different provider.

As I type this, it's 2022. Multi-factor and Two-Factor Authentication should be mandatory on a secure site, and my confidence in Weebly is non-existent due to their negligence in providing a secure environment.

Cyber threats are real, and any information compromised due to Weebly's willful inaction will result in a lawsuit for civil negligence, and I will contact my State's Attorney General for possible criminal negligence. The fact that Weebly (or Square/Block) is dragging its feet on implementing this crucial feature is begging for the theft of personal, financial, and sensitive data that is critical to their customers.

It's absolutely in Weebly's best interest, and (more importantly) the interest of its customers, to enable MFA/2FA — authenticator apps (Authy, Google Authenticator), Yubikeys, Titan Security Keys, etc, — to keep your customers' (and their customers') data secure... and avoid a completely unnecessary cyber scandal that will cost Weebly customers and money.

I'm savvy enough with coding and white-hat hacking that I could, with a little research, break into Weebly's servers if I was so inclined... and I'm just an enthusiast. Think for a moment what an actual criminal or state-sponsored organization could do. That should absolutely terrify you.

This is non-negotiable, and it's a very real problem that Weebly needs to address ASAP. Weebly will lose and is losing customers due to the lack of this critical feature, and Weebly will be held accountable for civil (and possible criminal) negligence when inevitable attacks occur.

I'm writing this in advance as notice that I will hold Weebly/Square/Block responsible for the leak of any data due to their ongoing negligence. Weebly has had years to implement MFA/2FA (with your customers begging for this feature) and you've taken no steps to secure our data. That is the very definition of civil negligence, and a strong case could be made for criminal negligence. (I've consulted an attorney on this matter, and this information comes from him; I'm not a legal expert.)

Fix it now, Weebly.

(Apologies for the overuse of bold/italic text, but I'm absolutely livid and completely outraged that this has seemingly not been a request Weebly has considered implementing... for years now!)

</rant>

1,168 Views
Message 1 of 2
Report
1 REPLY 1

I totally agree! They need to get two factor authentication in place, ASAP! A huge tech company and they can't insert that code? Hmmm.
890 Views
Message 2 of 2
Report