![]() The 2FA protecting the Reddit accounts, however, relied on OTPs sent through SMS messages, despite reports over the years (such as this one) that make it amply clear they are susceptible to interception. ![]() More secure yet, the 2FA is in the form of a cryptographic token sent by a security key attached to a device logging in. In most cases, the extra step is the entering of a one-time password (OTP) that’s sent to or generated by a mobile phone. Further Reading FTC’s chief technologist gets her mobile phone number hijacked by ID thiefWednesday’s post said that the breached employee accounts were protected by 2FA, which typically requires people to take an extra step beyond entering a password when accessing an account from a new computer.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |