Explore the vulnerabilities and weaknesses of two-factor authentication (2FA) systems in this Black Hat conference talk. Delve into the trade-offs between security and usability in 2FA implementations, and witness demonstrations of various attack vectors, including a novel approach targeting mobile phone-based TOTP (RFC 6238) systems. Learn about best practices for deploying different types of 2FA to enhance security in both enterprise systems and web applications. Gain valuable insights into the limitations of current 2FA standards and discover how to mitigate potential risks in your authentication processes.
Syllabus
Two Factor Failure
Taught by
Black Hat