Multi-Factor Authentication
YubiKey firmware cannot be updated
OTP, one-time password, often used in MFA
Implement MFA
Passwordless adoption is up in 2024
passwordless (FIDO2) was supposed to stop phishing
MFA was supposed to stop account takeover
both of thee can be bypassed via proxy attacks with Evilginx, a kind of Adversary-in-the-Middle (AitM) phishing attack
cybersecurity
security_architecture
mfa
]