> What gets me is like: Password authentication SUCKS.
There's a conference for that. Has been since 2010. Not quite sure about 2017/2018
> My boss (CEO) didn't want to implement any kind of 2 factor authentication, because it's cumbersome and will lower conversion rates
True. "Security is not a convenience". But there's no easier way to get people authenticating off of something at least a bit secure than straight totp 2fa.
There's a conference for that. Has been since 2010. Not quite sure about 2017/2018
> My boss (CEO) didn't want to implement any kind of 2 factor authentication, because it's cumbersome and will lower conversion rates
True. "Security is not a convenience". But there's no easier way to get people authenticating off of something at least a bit secure than straight totp 2fa.