|
|
|
|
|
|
by tjansen
1684 days ago
|
|
|
If the attacker is on your computer, he can access your bank account while you are being logged in (and possibly after that, if he disabled the logoff). He just needs to copy your session cookies and use your computer as proxy to use your IP address. 2FA doesn't really help in that scenario. 2FA 'only' prevents attackers from breaking in without having access to your computer, and you being logged in. If an action needs to be confirmed using 2FA (like a transfer of money), it can prevent this as well. |
|
|