Skip to Content.
Sympa Menu

assurance - RE: [Assurance] can two-factor be hacked ?

Subject: Assurance

List archive

RE: [Assurance] can two-factor be hacked ?


Chronological Thread 
  • From: "Jones, Mark B" <>
  • To: "" <>
  • Subject: RE: [Assurance] can two-factor be hacked ?
  • Date: Tue, 11 Mar 2014 10:05:23 -0500
  • Accept-language: en-US
  • Acceptlanguage: en-US

Right. So, in summary, MFA is a good worthwhile defense, but will not
protect you from every vector of attack.

> -----Original Message-----
> From:
>
> [
> ]
> On Behalf Of Cantor, Scott
> Sent: Tuesday, March 11, 2014 9:34 AM
> To:
>
> Subject: Re: [Assurance] can two-factor be hacked ?
>
> On 3/11/14, 3:20 AM, "Jones, Mark B"
> <>
> wrote:
> >
> >As far as the original question. It seems to me that MFA is a good
> >defense.
>
> Then I think you misunderstand the question, it's the exact scenario where
> typical OTP approaches to MFA do not solve the problem. A MITM attack
> against all legs can simply steal and play the OTP to obtain a session.
> Normally it's done innocently as in this case, but it can be done as an
> attack.
>
> -- Scott

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.16.

Top of Page