Over 5,300 GitLab servers exposed to zero-click account takeover attacks - eviltoast
  • GigglyBobble@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    10 months ago

    “5 ways to hack 2FA” is pretty click-baity though. All of those attacks are either not exclusively related to 2FA or could target another component. If you can just bypass security altogether, instead of questioning 2FA, you should consider ditching that service/site.

    All except point 1, that is. But everyone should know by now that 2FA by SMS is insecure.