Re: 2FA can be worse than just letting things be
You're clearly not going to like this, what with that hornet's nest in your collective bonnet, but that didn't sound unreasonable to me. Most places would have you use a 2fa code at every authentication. Once per 24hrs on non-school-owned devices seems fair enough. I'm kind of amazed that educational establishments still allow byod, what with the extra-sensitive nature of most of their PII.
Places of education tend to have terrible IT security, and this is exactly the type of reaction when anyone tightens it.
The other argument that gets used a lot to block security tech is "academic freedom".
Sadly, the rest of the world is slowly doing this shit, and you're no different. Even if you think you are. Sorry!
Biting the hand that feeds IT
