|
|
|
|
|
|
by adastra22
711 days ago
|
|
|
I don't see those as realistic. Session interception largely isn't a thing anymore, unless we're talking about nation-state levels of attackers, and if the service is storing your password unhashed then I sincerely doubt their 2FA is configured in a secure way anyway. |
|
|
Granted they didn’t break the session in flight, but there is a low bar to achieve the same thing