Articles about 2fa

Boffins nail 2FA with 'ambient sound' login for the lazy

Internet users who think two taps on a smartphone is two taps too much may soon be able to use seamless second factor authentication that verifies a person is in possession of their phone by matching ambient noise sound prints. Researchers Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun of the …
Darren Pauli, 17 Aug 2015

Snapchat slings SMS two-factor authentication

Snapchat has deployed two factor authentication as part of its push to increase security across the popular selfie slinging app. The sexting swap shop allows users to set up SMS log-in verification that makes en-masse account hijacking more difficult, and better protects Snapchat's Snapcash money transfer system. The …
Darren Pauli, 15 Jun 2015
Manneken pis wears football kit. Source: James Cridland, Flickr

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015
Wolves

Big Blue securo-bods warn of dire Dyre Wolf AMONG WOLVES

Infosec experts have spotted a nasty variant of a banking malware – dubbed Dyre Wolf – which involves a sophisticated two-factor authentication workaround that has apparently led to the theft of more than $1m from the biz world. Wrongdoers have demonstrated what IBM Security described as "a brazen twist from the once-simple …
Kelly Fiveash, 4 Apr 2015
Logging onto Windows 10 with a mobile for 2-factor authentication

Yahoo! wheels! out! password! on-demand! service! for! simpletons!

Yahoo! is trialling a service that removes the need to remember your passwords, providing users aren't so absent-minded they don't also lose or mislay their mobile phones. The on-demand password service allows registered users to get a short password sent to their phone. On-demand passwords is an opt-in service, initially only …
John Leyden, 16 Mar 2015

Authy 2FA app popped by simple, secret, code

Attackers could bypass the Authy two factor authentication (2FA) system by typing a phrase in a token field. Authy's apps make it possible for punters to log in to services like Gmail, Dropbox and Facebook, or even Amazon Web Services, with a one-time password sourced from an app. But prior to the advent of a patch issued 8 …
Darren Pauli, 16 Mar 2015

Hey, NUDE CELEBS! Apple adds SWEET 2FA to iMessage, Facetime

Apple has activated a two-factor authentication (2FA) system for Facetime and iMessage, extending the service to beyond iCloud accounts in a move that it hopes will help secure its communications platforms. The feature has become effective immediately, meaning any attempt to activate the services on a new device would first …
Team Register, 13 Feb 2015

CommBank app leaks 2FA tokens says Sydney dev

Sydney programmer Stuart Ryan has chipped Australia's dominant retail bank, the Commonwealth Bank, for allowing two factor authentication codes to be viewable on locked iPhones. The bank sends authentication tokens over push notifications on iOS devices, rather than SMS for users who had activated the second factor account log …
Darren Pauli, 12 Feb 2015
JP Morgan HQ at Canary Wharf

JPMorgan Chase mega-hack was a simple two-factor auth fail

Hackers broke into JPMorgan's network through a giant security hole left open by a failure to switch on two-factor authentication on an overlooked server. The New York Times reports that technicians at JPM had failed to upgrade one of its network servers, meaning that access was possible without knowing a combination of a …
John Leyden, 23 Dec 2014

Lucky you. Twitter offers you its 'Digits' (for mobe app sign-ins)

Twitter's launch of a service that provides a new way to sign up to apps without using passwords has received a cautious welcome from security experts. The new service, Digits, is designed to offer application developers a simpler, password-free login option for their mobile applications. The utility is designed to fit into …
John Leyden, 24 Oct 2014
iPad Psycho image

NUDE SELFIE CLOUD PERV menace: Apple 2FA? Sweet FA, more like

Apple’s two-factor authentication doesn't actually protect iCloud backups or photo streams, contrary to what many iPhone and iPad fondlers might wish to believe. Scores of (mostly female) celebrities, including Oscar winner Jennifer Lawrence, had their iCloud hacked before miscreants siphoned off private nude snaps which …
John Leyden, 3 Sep 2014
The Register breaking news

Apple's two-factor security isn't as good as Microsoft or Google's, say experts

Apple's two-factor authentication system does not protect users' private files backed up to the iCloud, it is claimed. Fanbois have been able to secure their Apple accounts with a two-step login process since March: these accounts are important because they are used to bung or retrieve backups into and out of Cupertino's …
John Leyden, 31 May 2013
The Register breaking news

Google squishes login-bypass bug that opened door to hijackers

Google has patched a flaw that allowed attackers to circumvent the web giant's two-factor login system and hijack victims' accounts. Researchers at Duo Security said anyone could bypass a Google account's two-step verification system, reset its master password and gain full control of the profile simply by capturing one of the …
John Leyden, 27 Feb 2013
The Register breaking news

Brit firm PinPlus flogs another password 'n' PIN killer

The inventor who co-founded visual PIN company GrIDsure has become involved with another pattern-based authentication start-up in the hopes that the shoulder-surfer proof technology could replace two-factor authentication. His new company, PinPlus, does away with passwords and PINs by combining a method for securely delivering …
John Leyden, 27 Feb 2013

Create a news alert about 2fa, or find more stories about 2fa.

Biting the hand that feeds IT © 1998–2017