Explore the vulnerabilities and weaknesses of Two Factor Authentication (2FA) systems in this Black Hat conference talk. Delve into the trade-offs between security and usability in 2FA implementations, and witness demonstrations of various attack vectors, including a novel approach targeting mobile phone-based TOTP (RFC 6238) systems. Learn about best practices for deploying different types of 2FA to enhance security in both enterprise systems and web applications. Gain valuable insights into the limitations of current 2FA standards and discover how to mitigate potential risks in your authentication processes.
Overview
Syllabus
Two Factor Failure
Taught by
Black Hat
Related Courses
-
Deploying Two-Factor Authentication to Millions of Users
-
Two-Factor Authentication, Usable or Not? - A Two-Phase Usability Study of the FIDO U2F Security Key
-
The Sounds of the Phones - Dangers of Zero-Effort Second Factor Login Based on Ambient Audio
-
Security and Auditing in Ethereum
-
Defense with Two-Factor Authentication - Strategies and Vulnerabilities
-
Web APIs for Delightful Two Factor Auth Experiences
