The keys are commonly used in place of less secure MFA methods such as confirmation codes sent to the users phone via text message or email.įrom the time its launch, NinjaLab researchers had suspected the keys may be vulnerable certain kinds of side-channel attacks. Launched in 2018, Google’s Titan security key is a MFA hardware device used to physically verify the identity of the user. In a report published this week, security researchers from NinjaLab successfully cloned a Google Titan security key and exposed a vulnerability affecting the NXP P5x cryptographic chipset used by numerous other security keys. Multi-factor authentication (MFA) is one of the easiest ways to combat spear phishing and account take over, but it’s not perfect.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |