Bypassing Googles Two-Factor Authentication

HardOCP News · Feb 25, 2013

Here's how an attacker can bypass Google’s two-step login verification and gain full control of your account by capturing a user’s application-specific password ASP.

We think it’s a rather significant hole in a strong authentication system if a user still has some form of “password” that is sufficient to take over full control of his account. However, we’re still confident that — even before rolling out their fix — enabling Google’s 2-step verification was unequivocally better than not doing so.

TechLarry · Feb 25, 2013

Google login has become a big pain in the ass, especially if you have multiple accounts.

melteye · Feb 25, 2013

I still wish they would add Yubikey support.

cageymaru · Feb 26, 2013

TechLarry said:
Google login has become a big pain in the ass, especially if you have multiple accounts.

Very true!

Bypassing Googles Two-Factor Authentication

HardOCP News

[H] News

TechLarry

RIP [H] Brother - June 1, 2022

melteye

[H]ard|Gawd

cageymaru

Fully [H]

Bypassing Googles Two-Factor Authentication

HardOCP News

[H] News

TechLarry

RIP [H] Brother - June 1, 2022

melteye

[H]ard|Gawd

cageymaru

Fully [H]

Bypassing Googles Two-Factor Authentication