Bypassing Google Two-Factor Authentication

Slashdot

+ - Bypassing Google Two-Factor Authentication-> 0

Submitted by Anonymous Coward on Tuesday February 26, 2013 @02:24AM

An anonymous reader writes "The team at Duo Security figured out how to bypass Google's two-factor authentication, abusing Google's application-specific passwords. Curiously, this means that application-specific passwords are actually more powerful than users' regular passwords, as they can be used to disable the second factor entirely to gain control of an account. Duo released this today after Google fixed this last week — 7 months after initially replying that this was expected behavior!"
Link to Original Source

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Bypassing Google Two-Factor Authentication

Load All Comments

Search 0 Comments Log In/Create an Account

Comments Filter:

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

You can get everything in life you want, if you will help enough other people get what they want.

Bypassing Google Two-Factor Authentication More Login

Bypassing Google Two-Factor Authentication