1FA

Applications such as Pushbullet strive to integrate our devices by mirroring notifications received on an android phone onto a windows laptop. I can read and even reply SMSes without the need to pick up my phone. Nevertheless, we must be careful when using them since One Time Passwords(OTP) are mirrored as well. Especially for those who use a password manager without a master password, all an adversary needs to do is to steal your laptop. Security has essentially been reduced from 2 factor authentication(2FA) to 1FA. Convenience always comes at the price of security.

image0



Tags: Security

Similar Articles

Hiding compressed files in images - Have been doing this for quite some time, just wanted to share the method. The following code should work on Linux/Mac. Step 1. Zip/Rar/7z your secret file zip hideme.zip s3cr3t Step 2. Append ...
DES key parity bit calculator - I was doing some reverse engineering and I could not find any tool which expands a 56 bit DES key into a 64 bit key with the parity bit included. Expanding the key is a pretty laborious process ...
Bangladesh bank heist - The media initially attributed the hack to a couple of cheap second-hand $10 switches. However, according to further reverse engineering, this is not a snatch and grab but a full scale bank heist ...
Hijacking QR codes - Just finished printing my poster for a school project in which contained a QR code for users to download an android app. It was my first time printing out 300dpi@A1 size and thankfully it turned ...