Skip to main content

Second Factor #SMS: Worse Than Its Reputation


Source: https://www.ccc.de/en/updates/2024/2fa-sms

IdentifyMobile, a provider of 2FA-SMS, shared the sent one-time passwords in real-time on the internet. The #CCC happened to be in the right place at the right time and accessed the data. It was sufficient to guess the subdomain "idmdatastore". Besides SMS content, recipients' phone numbers, sender names, and sometimes other account information were visible.


#news #security #internet #2fa #mobile #cybersecurity #problem #password

CCC | Second Factor SMS: Worse Than Its Reputation

www.ccc.de
#security #2fa #internet #ccc #cybersecurity #mobile #SMS #problem #news #password

N. E. Felibata 👽 reshared this.

⇧