totp – Computer Security Articles

Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge

January 21, 2019 admin 2fa, 2FA modlishka, Amnesty International, CERTFA, cybercrime, defeat 2FA, mantis, modlishka, password manager, PGP, Social engineering, the return of charming kitten, totp, two-factor authentication

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:15:30 +0000

While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tactic called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list.

Categories:

Tags: 2fa 2FA modlishka Amnesty International CERTFA defeat 2FA mantis modlishka password manager PGP Social Engineering the return of charming kitten totp two-factor authentication

MalwareBytes Security

Is two-factor authentication (2FA) as secure as it seems?

September 14, 2018 admin 101, 2fa, biometrics, brute force, Facebook, fake login, FYI, mfa, multi-factor authentication, Password reset, phishing, Social engineering, third-party login, totp, two-factor authentication

Credit to Author: Pieter Arntz| Date: Fri, 14 Sep 2018 15:00:00 +0000

Two factor authentication (2fa) was introduced to enhance login security, but does it always work as advertised? Or can it be bypassed?

Categories:

Tags: 2fa biometrics brute force facebook fake login mfa multi-factor authentication password reset phishing Social Engineering third-party login totp two-factor authentication

Independent Krebs

Reddit Breach Highlights Limits of SMS-Based Authentication

August 1, 2018 admin 2fa, Authy, data breaches, google, Google Authenticator, number port-out scams, Reddit breach, Security Keys, Security Tools, totp, twofactorauth.org, Yubico

Credit to Author: BrianKrebs| Date: Thu, 02 Aug 2018 00:55:17 +0000

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

MalwareBytes Security

Understanding the basics of Two-Factor Authentication

January 20, 2017 admin 101, 2fa, authentication, FYI, mfa, Multi-Factor Authorization, passwords, Pieter Arntz, sso, token, totp, two-factor authentication

With data breaches resulting in leaked passwords occurring almost daily, two-factor authentication has become an essential tool in the security toolkit.

Categories:

Tags: 2fa authentication mfa Multi-Factor Authorization passwords Pieter Arntz sso token totp two-factor authentication

(Read more…)