Is 2FA broken?
Of course not: A few incidents here and there don't mean that weaknesses in the mechanism overall should be concerning.
The only issue lies with one-time password schemes (using SMS and email).
It's cracked a bit, and it should be a priority to improve the process.
Yes: The most widely used form of 2FA (SMS-delivered one-time passwords) is a known attack surface and should be considered flawed.
Leave a Comment
Please enter your name.
Please enter your email address.
Your Website (optional)
Please enter a comment.
Created at Crowdsignal.com