1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google’s poor design decision undermines 2FA protection

Discussion in 'Help Net Security' started by RSS, Apr 11, 2016.

  1. RSS

    RSS New Member Member

    A design decision by Google can be exploited by attackers to gain control of both devices needed to access users’ accounts protected via SMS-based 2-factor authentication. This feature, which is considered a security flaw by the three researchers from VU University Amsterdam who discovered the potential problem, has still not been changed by Google, even though they have been notified of it in 2014. The researchers dubbed the vulnerability BAndroid (Browser-to-Android). “If attackers have control … More →

    Continue reading...

Share This Page