Y
Hacker News
new
|
ask
|
show
|
jobs
by
lighthazard
2153 days ago
Maybe? I imagine a spear fishing attack could entail the target is sent to a false panel to login where it sends a true 2FA request. The target then freely gives this 2FA code to the attacker.
1 comments
Thorrez
2152 days ago
That compromise OTP 2FA, but not U2F 2FA.
link