Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Google

Submission + - Bypassing Google Two-Factor Authentication (duosecurity.com)

An anonymous reader writes: The team at Duo Security figured out how to bypass Google's two-factor authentication, abusing Google's application-specific passwords. Curiously, this means that application-specific passwords are actually more powerful than users' regular passwords, as they can be used to disable the second factor entirely to gain control of an account. Duo released this today after Google fixed this last week — 7 months after initially replying that this was expected behavior!
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Bypassing Google Two-Factor Authentication

Comments Filter:

"The algorithm to do that is extremely nasty. You might want to mug someone with it." -- M. Devine, Computer Science 340

Working...