Breaking Password Dependencies: Challenges in the Final Mile at Microsoft

0 stars0 forks0 contributors

Overview

The primary source of account hacks is password spraying (on legacy auth like SMTP, IMAP, POP, etc.), second is replay attack. Takeaway: password are insecure, use and enforce MFA

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

Last commit

Created

Links & Resources

Website

Included in

IAM2.2k

Authelia

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Stars28,003

Forks1,419

Last commit13 hours ago

Kanidm

Kanidm: A simple, secure, and fast identity management platform

Stars5,033

Forks330

Last commit10 hours ago

Beyond Passwords: 2FA, U2F and Google Advanced Protection

An excellent walk-trough over all these technologies

Stars0

Forks0

Last commit

Compromising online accounts by cracking voicemail systems

Or why you should not rely on automated phone calls as a method to reach the user and reset passwords, 2FA or for any kind of verification. Not unlike SMS-based 2FA, it is currently insecure and can be compromised by the way of its weakest link: voicemail systems

Stars0

Forks0

Last commit