Headline: Google Two-Factor Authentication Compromised

HeadlinesSecurity
Written By Thomas Fraley

Security is always a battle between Connivance and security.

The more convenient something is the more skeptical you should be. I personally use a YubiKey and Lastpass.

Slashdot reported that an anonymous reader wrote in the following.

"The team at Duo Security figured out how to bypass Google's two-factor authentication, abusing Google's application-specific passwords. Curiously, this means that application-specific passwords are actually more powerful than users' regular passwords, as they can be used to disable the second factor entirely to gain control of an account. Duo [publicly released this exploit Monday] after Google fixed this last week — seven months after initially replying that this was expected behavior!"

 

Thomas Fraley
I am a tech enthusiast whose main focus is making technology easy again for everyone. Educated with degrees in network engineering and project management. I've worked in the entertainment industry for a decade as a director of information technology for global companies pioneering the way. A few years ago I decided to give back and have been helping young entrepreneur startups off on the right foot.
www.lifewithtech.net
Previous

Review: Jadu Skadoosh Mini stand
Next

Review: Logitech K811 Blutooth Easy Switch Keyboard