Dual authentication is not the ultimate guarantee of security


The standard security layer for multiple mailboxes is outdated for many hackers. Hackers recommend adding an extra step.

Let me tell you right now: a password is not enough today to protect an account or mailbox. So, what about two-factor authentication? For years, on Gmail, Outlook or Facebook, you have been able to configure a request for a second password when connecting to a session. Normally, you receive a message on your smartphone with a one-time password or an authentication button. At first glance, this security measure should prevent external connections. That underestimates hackers. In fact, two-factor authentication has not stopped hackers for a few years now.

Hackers from the famous Lapsus$ group, found to have stolen data from Microsoft, and the Russian Nobelium hackers, responsible for the attack on SolarWinds, were able to get around two-factor authentication when connecting to the messaging services of the affected companies.

Pascal Le Decoll, WatchGuard's director for France, describes some of the techniques: “Common methods include social engineering. A hacker stands between the site and the user to get the link code directly. For example, the victim can be tricked by sending a fake page where they enter a password. We have found other processes such as the ability to redirect SMS by paying the operator or by hacking.”

“Add New Steps”

Many other techniques exist and have been practiced by hackers. Brute force, a bot that constantly generates new combinations, can be used to try thousands of codes until it hits the right one. Stealing a session cookie would allow a hacker to discover the passwords used. If a hacker gets access to your email, for example by finding codes on the darknet, it is easy to bypass 2FA on some accounts by resetting the password. Criminals can also copy the signal of the 2FA authentication box and ask the owner to click it. Obviously, this requires enormous resources and a lot of time from hackers. Robert A. Grimes, a cybersecurity expert, describes twelve ways to break two-factor authentication in an online report.
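A defensive illustration of the brute-force point above, added here and not part of the original article: a server-side one-time-code check that caps failed attempts, expires the code and makes it single-use. The class name, the five-attempt limit and the five-minute lifetime are assumptions chosen for the example.

```python
import hmac
import secrets
import time
from collections import Counter

MAX_ATTEMPTS = 5        # assumed policy: failed guesses allowed per code
CODE_TTL_SECONDS = 300  # assumed policy: code lifetime (5 minutes)
CODE_SPACE = 10 ** 6    # six-digit numeric code


class OneTimeCode:
    """One issued code plus the state needed to resist guessing."""

    def __init__(self, now=None):
        issued = time.time() if now is None else now
        self.code = f"{secrets.randbelow(CODE_SPACE):06d}"  # CSPRNG, not random
        self.expires_at = issued + CODE_TTL_SECONDS
        self.failures = 0
        self.used = False

    def verify(self, guess, now=None):
        now = time.time() if now is None else now
        # Refuse before comparing: a locked, used or expired code is dead,
        # even if the guess happens to be correct.
        if self.used or self.failures >= MAX_ATTEMPTS or now > self.expires_at:
            return "rejected"
        if hmac.compare_digest(guess.encode(), self.code.encode()):
            self.used = True  # single use
            return "ok"
        self.failures += 1
        return "locked" if self.failures >= MAX_ATTEMPTS else "wrong"


def simulate_guessing(challenge, attempts, now=None):
    """Replay `attempts` wrong guesses and tally the verifier's answers."""
    start = int(challenge.code)
    tally = Counter()
    for i in range(1, attempts + 1):
        guess = f"{(start + i) % CODE_SPACE:06d}"  # never the real code
        tally[challenge.verify(guess, now)] += 1
    return dict(tally)


if __name__ == "__main__":
    c = OneTimeCode(now=0)
    print(simulate_guessing(c, 1000, now=1))
    print("real code after lockout:", c.verify(c.code, now=1))
    print("chance of a lucky guess per code:", MAX_ATTEMPTS / CODE_SPACE)
```

With the cap in place, a bot trying thousands of codes gets five evaluated guesses per issued code; every later guess is refused without being compared.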

Biometrics add extra security, but require you to provide your fingerprint to an organization. //Source: CNIL

“It’s all about the security layer. The more we add, the more we complicate the task for the criminal. The pirate thinks about profit; he looks for the attack that requires the least time and means from him. Some people are happy to find some innovative methods to bypass 2FA,” explains Pascal Le Decoll.

Naturally, a web user cannot set up multiple layers of authentication for each site. For one thing, it ruins the user experience; for another, the user works with the tools at hand, and not all sites offer 2FA. For important accounts, experts recommend installing MFA (multi-factor authentication), in which you type a code and complete another verification step: answer a question, scan a fingerprint or press a USB security key. Apparently, highly skilled hackers have already discovered tricks to circumvent these obstacles. We have to face the facts: it is a never-ending competition between internet companies and hackers.


Source: Blow / Apostle
