Hacker News new | ask | show | jobs
by bluGill 820 days ago
Which is great until someone who might or might not really be "Karen from HR" says they lost their Yubikey and needs a new one. This workflow must exist, but it is generally easy for an attacker to get authenticated by that system.
1 comments
loeg 820 days ago
That is a significantly higher barrier than phishing.
link
bluGill 820 days ago
often The point of fishing is to get enough info to fool that sywtem.
link