Attacking Google Authenticator

0 stars0 forks0 contributors

Overview

Probably on the verge of paranoia, but might be a reason to rate limit 2FA validation attempts

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

Created

Links & Resources

Website

Included in

IAM2.2k

Authelia

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Kanidm: A simple, secure, and fast identity management platform

Stars5,026

Forks330

Last commit2 days ago

Compromising online accounts by cracking voicemail systems

Or why you should not rely on automated phone calls as a method to reach the user and reset passwords, 2FA or for any kind of verification. Not unlike SMS-based 2FA, it is currently insecure and can be compromised by the way of its weakest link: voicemail systems

Stars0

Forks0

Last commit

Breaking Password Dependencies: Challenges in the Final Mile at Microsoft

The primary source of account hacks is password spraying (on legacy auth like SMTP, IMAP, POP, etc.), second is replay attack. Takeaway: password are insecure, use and enforce MFA

Stars0

Forks0

Last commit