Geekzone: technology news, blogs, forums




170 posts

Master Geek
+1 received by user: 6


Topic # 242550 3-Nov-2018 09:21

Two factor authentication is meant to keep the bad guys out .. but does it?

 

Take a G-Suite login process for example .. what if:

 

  • Google user enters Gmail-username gullible and password 1234 into the bad-guy website
  • bad-guy uses these credentials to log into Google, gets prompted for text code, and passes this request on to gullible
  • gullible enters text code onto bad-guy website
  • bad-guy completes Google login and immediately changes account setup to lock out gullible

Any thoughts?

 

 


1008 posts

Uber Geek
+1 received by user: 431

Trusted
Subscriber

  Reply # 2118867 3-Nov-2018 09:27

Called a man in the middle attack https://en.wikipedia.org/wiki/Man-in-the-middle_attack






759 posts

Ultimate Geek
+1 received by user: 323

Subscriber

  Reply # 2118869 3-Nov-2018 09:29

This is a man in the middle attack (mitm). It is difficult to protect against technically because it relies on the end user to be vigilant, which is often not the case.

 

This is why to turn off MFA, most systems require further challenges to the end user to complete the configuration change.

 

 








 
 
 
 


BDFL - Memuneh
62643 posts

Uber Geek
+1 received by user: 13311

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2118876 3-Nov-2018 09:48

Yes and no. If you use an authenticator app then the code changes every 30 seconds, making it harder to time the attack - repeated requests sent to Gullible would raise suspicions.

 

An SMS attack is easier because it's also easier to use social engineering (or Bad Telco Employee) to get a SIM Card and transfer the number to that SIM (this happened before, in the USA).

 

The one you show would need Gullible to enter the code on a site that 1) is not the domain used for login and 2) is asking for a code for a login Gullible did not initiate.

 

Yes, some gullible people will be gullible but these attacks require a certain degree of sophistication and some targeting.
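
An added example, not part of the thread: the 30-second authenticator code discussed above, implemented per RFC 6238, with a server-side check that shows the code is bound only to time and the shared secret, not to the site it was typed into. The ±1 step tolerance (`drift_steps`) and the helper `relay_outcomes` are assumptions for illustration; the key is the RFC's published test key.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code is valid for, as in the post above

def totp(secret: bytes, at: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `at`."""
    counter = struct.pack(">Q", at // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret: bytes, code: str, at: int, drift_steps: int = 1) -> bool:
    """Server-side check: accept the code for the current step +/- drift_steps.
    Note what is NOT an input: the site the user typed the code into."""
    return any(
        hmac.compare_digest(totp(secret, at + d * STEP), code)
        for d in range(-drift_steps, drift_steps + 1)
    )

def relay_outcomes(secret: bytes, issued_at: int, delays):
    """Hypothetical helper: for a code read off the app at issued_at, report
    whether the server still accepts it `delay` seconds later."""
    code = totp(secret, issued_at)
    return {delay: verify(secret, code, issued_at + delay) for delay in delays}

if __name__ == "__main__":
    SECRET = b"12345678901234567890"  # RFC 6238 test key, not a real secret
    for delay, ok in relay_outcomes(SECRET, 1111111109, [0, 20, 90]).items():
        print(f"code submitted {delay:>2}s after it was read: accepted={ok}")
```

The short lifetime narrows the window in which a code typed into the wrong site is still usable, but nothing in the check itself ties the code to the login domain.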




