2FA: The Illusion of Security

Companies wanting to improve user security have frequently turned to 2nd Factor Authentication. Authentication is commonly viewed as confirming one of 5 factors; 2nd factor authentication simply means relying on a combination of two of these factors: A knowledge factor - something the user knows, such as a password, a PIN or some other type of shared secret. [...]

By |2020-01-20T13:47:39-08:00January 20th, 2020|Authentication Circus|Comments Off on 2FA: The Illusion of Security

Carrier Authentication for SIM Swap Request

Princeton University Department of Computer Science and Center for Information Technology Policy just released a draft report entitled An Empirical Study of Wireless Carrier Authentication for SIM Swaps which examines the authentication procedures for the top five pre-paid wireless carriers in the U.S.  Their findings, not surprisingly, is that all five carriers used insecure authentication challenges that could [...]

By |2020-01-13T11:15:11-08:00January 13th, 2020|Authentication Circus, Security Theater|Comments Off on Carrier Authentication for SIM Swap Request