Bypassin text based OTP is when I squeeze myself into SS7 and take over your number for a while. Bypassing token OTP is when I crack the algo (hahahahah!!!) and guess the next password. This is hacking. All those headlines are just phishing AND NOTHING MORE.
-
-
Replying to @notameadow @notdan
100% agreed, but if your big phishing solution is phishable, that is a pretty noteworthy failure. Believe it or not, lots of people really did argue it prevents phishing - I'm as surprised as you are
1 reply 0 retweets 4 likes -
I am honestly surprised it took 'bad people' so long to figure that an OTP can be phised in the same way as the password. It's not like it's some ai-ml-blockchain s00per high tech, just a script...
1 reply 2 retweets 5 likes -
nah, they just waited until there was enough OTP adoption to make it worth targetting
1 reply 0 retweets 2 likes -
This makes sense. It tooks the industry so long to bring 2FA into mainstream, and it's still not quite there yet. Now we will do YOU KNOW WHAT OTP IS SHITE DROP IT. I can just see how that's gonna work :) It would be much better to teach people to not click stuff in email.
3 replies 0 retweets 1 like -
Replying to @notameadow @marypcbuk and
This is my main concern... It's taken long enough to convince non-tech people on the importance of 2FA to begin with... Now changing the message to "not good enough", I can already hear the collective "well, ffs, now what?!"
2 replies 0 retweets 0 likes
Yep, they probably shouldn't have burned all their goodwill talking up snake-oil solutions. That's what happened though, we can't turn back the clock.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.