1FA

Applications such as Pushbullet strive to integrate our devices by mirroring notifications received on an android phone onto a windows laptop. I can read and even reply SMSes without the need to pick up my phone. Nevertheless, we must be careful when using them since One Time Passwords(OTP) are mirrored as well. Especially for those who use a password manager without a master password, all an adversary needs to do is to steal your laptop. Security has essentially been reduced from 2 factor authentication(2FA) to 1FA. Convenience always comes at the price of security.

image0



Tags: Security

Similar Articles

Interesting bluetooth experiment (95% Similar) - Earlier on, I paired my bluetooth keyboard to both my android and windows OS dual boot configuration. It is a hassle to keep re-pairing the keyboard whenever I switch OSes. This was done by ...
Windows Trust Boundaries (91% Similar) - Understanding Windows trust boundaries is important as a penetration tester as security vulnerabilities are usually found at these boundaries. As an application developer, understanding these ...
Spoofing NUS WPA2 and stealing credentials (90% Similar) - Warning Content in this post is for educational purposes only, it may be illegal to carry out the exploit mentioned. The author is not responsible for any action taken against you if you carry it ...
Expanding on Pyramid of Pain (90% Similar) - I believe most threat hunters would already be familiar with the Pyramid of Pain. Most hunters aim to detect artefacts and tools, as they are higher up the pyramid. However, there is scarce ...