Password protection apps have a weak point

With two-factor authentication, users can additionally secure their online accounts. However, many apps that are supposed to help with this are themselves insufficiently secured, experts warn.

Many smartphone apps for two-factor authentication (2FA) are insecure. This is reported by security researchers. The applications that use one-time passwords as a second factor besides the actual one password Generate to log in to user accounts, often allowed to take screenshots, reports the specialist portal “Golem.de” – a fact that is already being exploited by malware.

Apps that have not implemented screenshot protection also include popular applications like that Google Authenticator or the Microsoft Authenticator. With these apps, the experts could easily have taken screenshots in a short test.

If you want to be on the safe side, you should use an app like the free and open source Android application “andOTP”, which is already protected against screenshot attacks to grab the one-time password (OTP). Another alternative to generating a second factor for logins are security USB sticks (U2F), which can be simply plugged into a computer or notebook.

The screenshot problem is said to have been known since 2014 and was last reported to affected companies by the security company Nightwatch in 2017, as it reports. After the gaps had not been fixed for years, the security researchers published their findings in early March.

.

Read Also:  Sciences: Astronomy | The "disappearance" of a gigantic star puzzles
Share on facebook
Facebook
Share on pinterest
Pinterest
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on email
Email

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Trending