They are so heavy on security I have a Citrix environment that takes me 3 logins
My daily routine:
- Take laptop out of locked shelf
- Start Laptop and enter boot password
- Enter Bitlocker password
- Enter username (not saved) and password
- Open Citrix website and login with different username and password
- Enter MFA token to access said website
- Start server connection
- Enter different username/password (not saved) to access server
- Enter different MFA token for the server login
- Start the business-specific application with 3rd set of not saved and different login data
They also have plans to make MFA mandatory for laptop login, too.
Passwords need to be at least 15 characters long for laptops and 30 for servers and 10 for the business-specific application. All need to have uppercase, lowercase, numbers, and special characters and need to be changed every 60 days (for the server login) and cannot be the last 30 passwords.