assurance - RE: [Assurance] can two-factor be hacked ?
Subject: Assurance
List archive
- From: "Jones, Mark B" <>
- To: "" <>
- Subject: RE: [Assurance] can two-factor be hacked ?
- Date: Tue, 11 Mar 2014 10:05:23 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
Right. So, in summary, MFA is a good worthwhile defense, but will not
protect you from every vector of attack.
> -----Original Message-----
> From:
>
> [
> ]
> On Behalf Of Cantor, Scott
> Sent: Tuesday, March 11, 2014 9:34 AM
> To:
>
> Subject: Re: [Assurance] can two-factor be hacked ?
>
> On 3/11/14, 3:20 AM, "Jones, Mark B"
> <>
> wrote:
> >
> >As far as the original question. It seems to me that MFA is a good
> >defense.
>
> Then I think you misunderstand the question, it's the exact scenario where
> typical OTP approaches to MFA do not solve the problem. A MITM attack
> against all legs can simply steal and play the OTP to obtain a session.
> Normally it's done innocently as in this case, but it can be done as an
> attack.
>
> -- Scott
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Eric Goodman, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Etan Weintraub, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Dana Watanabe, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/10/2014
- <Possible follow-up(s)>
- Re: [Assurance] can two-factor be hacked ?, Joe St Sauver, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
Archive powered by MHonArc 2.6.16.