Two Factor Authentication

1 reply [Last post]
sf0x
sf0x's picture
Offline
Neophyte
Joined: 2011/04/04

Hi,
are there any guesses on breaking Two Factor Authentication?
The only attack point i considered till now was a csrf changing the second factor device. Btw, are there sms inbox accounts on the net?

Is tfa simply making xss-cookie stealers more complex so that they all have to do an csrf from now?

greetz sf0x

By four o'clock I've discounted suicide in favour of killing everyone else in the entire world instead