assurance - RE: [Assurance] can two-factor be hacked ?
Subject: Assurance
List archive
- From: "Farmer, Jacob" <>
- To: "" <>
- Subject: RE: [Assurance] can two-factor be hacked ?
- Date: Tue, 11 Mar 2014 15:09:54 +0000
- Accept-language: en-US
I would tweak that a little and say that MFA can be a worthwhile defense, if
it provides protection against the threat vector you are trying to mitigate.
Jacob
-----Original Message-----
From:
[mailto:]
On Behalf Of Jones, Mark B
Sent: Tuesday, March 11, 2014 11:05 AM
To:
Subject: RE: [Assurance] can two-factor be hacked ?
Right. So, in summary, MFA is a good worthwhile defense, but will not
protect you from every vector of attack.
> -----Original Message-----
> From:
>
> [
> ]
> On Behalf Of Cantor, Scott
> Sent: Tuesday, March 11, 2014 9:34 AM
> To:
>
> Subject: Re: [Assurance] can two-factor be hacked ?
>
> On 3/11/14, 3:20 AM, "Jones, Mark B"
> <>
> wrote:
> >
> >As far as the original question. It seems to me that MFA is a good
> >defense.
>
> Then I think you misunderstand the question, it's the exact scenario where
> typical OTP approaches to MFA do not solve the problem. A MITM attack
> against all legs can simply steal and play the OTP to obtain a session.
> Normally it's done innocently as in this case, but it can be done as an
> attack.
>
> -- Scott
- Re: [Assurance] can two-factor be hacked ?, (continued)
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Eric Goodman, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Etan Weintraub, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Dana Watanabe, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Tom Scavo, 03/10/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/10/2014
- Re: [Assurance] can two-factor be hacked ?, Joe St Sauver, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
Archive powered by MHonArc 2.6.16.