|
|
|
|
|
|
by bri3d
4458 days ago
|
|
|
Session skimming is definitely still viable, and is especially bad if the compromised service doesn't require an escalated / different session to disable 2FA. Additionally, there's a chance an attacker could compromise the TOTP secret as well as it will probably be in memory around the same time (unless the system is using a keyserver or HSM). At that point, the whole setup is blown and the user's credentials could presumably be replayed. |
|
|