I can hack the average MFA solution at least five ways and most of them 10-11 ways at least.

Hi and welcome to Sabirism's malicious life besides. I'm Ram Levy. If you've been following cyber security news for the past, I don't know, 20 years? I don't need to tell you that passwords are not a great

solution for authentication. Most people choose weak passwords or reuse their passwords across different services and even if you

follow all the best practices your passwords might still be compromised by a data breach.

The basic problem with passwords is that they are but a single piece of evidence that you are who

you say you are.

Evidence based on what you know. That is, the assumption is that you are the only

one who knows your password. We used easy to guess or compromise passwords all

negate this basic assumption.

Multifactor authentication tries to solve this problem by providing the user with other ways

to prove he or she is indeed who they say they are. with something they have like a USB security token for

example something they are something they are like a unique fingerprint or somewhere they are, like a unique fingerprint, or somewhere they are, like using a GPS to verify your

location.

Combining two or more such authentication factors greatly increases the likelihood that you are indeed who you claim to be,

which is why MFA has become so popular.

But this episode's guest says that this sense of security is false.

That many, if not most, current implementations of multi-factor authentication,

and in particular SMS-based authentication are not nearly as

secure as we'd like to think they are.

Roger Grimes has been fighting malware and malicious hackers since 1987.

It was Microsoft's principal security architect for 11 years

and has written no less than 13 books and 1100 articles on computer security.

...