The Latest in IT Security

Two-Factor Authentication Bypassed in Simple Attacks

13
Apr
2016
Two-Factor Authentication Bypassed in Simple Attacks

2FA-multi-factor-authentication-defeat-cybercriminals-future-how-to-938x535

Mobile phone-based two-factor authentication (2FA) mechanisms are plagued by synchronization vulnerabilities that allow attackers intercept One-Time Passwords (OTPs) and bypass the security of many financial services, researchers say.

In their paper called “How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication,” researchers Radhesh Krishnan Konoth, Victor van der Veen, and Herbert Bos demonstrate practical attacks against both Android and iOS devices, showing how a Man-in-the-Browser attack can be elevated to bypass 2FA.

Read More

Leave a reply


Categories

FRIDAY, DECEMBER 15, 2017

Featured

Archives

Latest Comments

Social Networks