Many of the implemented authentication methods are not phishing-resistant, as the current case shows. One solution here is a FIDO-based authentication solution, which can best be implemented with a hardware-based security key that enables secure MFA by means of hardware tokens and whose MITM protection mechanisms from FIDO also take effect in the event of AiTM attacks.
More FIDO in the News
POLITICO: Oregon Senator Ron Wyden Calls for Social Security Administration to Adopt FIDO Authentication
VIA POLITICO Morning Cybersecurity Report 10/6/17 NOW THAT’S WHAT I’M TOKEN ABOUT — The Social…
SC Magazine: Mnuchin hails FIDO authentication standards
While speaking at the Federal Identity Forum & Exposition, Treasury Secretary Steve Mnuchin called out…
The Economist: Where are the flaws in two-factor authentication?
The Economist reports that two-factor authentication methods using SMS or OTPs are flawed, and that…
