It doesn't make sense from a security perspective for the reasons entropy has already laid out. I would need to understand more the concerns of management here, but there are many solutions out there for overcoming issues related to authentication and authorization. Hell, even implementing a 2FA/MFA option (Google Authenticator is easy enough) would clear up most issues.
I can toss my hat into the ring to help advise or consult. There are other areas of concern, too. I have 15+ years in cybersecurity with all the associated alphabet soup of security certifications.
|