Hacking Multifactor Authentication

Hacking Multifactor Authentication
PDF

Book Description
Protect your organization from scandalously easy-to-hack MFA security “solutions” 
Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That’s right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. 
This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book. 
  • Learn how different types of multifactor authentication work behind the scenes
  • See how easy it is to hack MFA security solutions―no matter how secure they seem
  • Identify the strengths and weaknesses in your (or your customers’) existing MFA security and how to mitigate
Author Roger Grimes is an internationally known security expert whose work on hacking MFA has generated significant buzz in the security world. Read this book to learn what decisions and preparations your organization needs to take to prevent losses from MFA hacking. 

Content

PART I - Introduction
1. Logon Problems
2. Authentication Basics
3. Types of Authentication
4. Usability vs. Security

PART II - Hacking MFA
5. Hacking MFA in General
6. Access Control Token Tricks
7. Endpoint Attacks
8. SMS Attacks
9. One-Time Password Attacks
10. Subject Hijack Attacks
11. Fake Authentication Attacks
12. Social Engineering Attacks
13. Downgrade/Recovery Attacks
14. Brute-Force Attacks
15. Buggy Software
16. Attacks Against Biometrics
17. Physical Attacks
18. DNS Hijacking
19. API Abuses
20. Miscellaneous MFA Hacks
21. Test: Can You Spot the Vulnerabilities?

PART III - Looking Forward
22. Designing a Secure Solution
23. Selecting the Right MFA Solution
24. The Future of Authentication
25. Takeaway Lessons

Download Hacking Multifactor Authentication PDF or ePUB format free


Free sample

Download in .PDF format



Add comments
Прокомментировать
Введите код с картинки:*
Кликните на изображение чтобы обновить код, если он неразборчив
Copyright © 2019