Man in the middle attacks circumventing authenticators

Reader Comments (Page 1 of 1)

2-28-2010 @ 4:10PM

Avan said...

The article says you need to use the code within 30 seconds before it expires. So, press the button on your authenticator. Count to 25, then input the code. The attacker now only has up to 5 seconds to use your code, depending on how long it takes you to input it.

This method isn't going to prevent these attacks entirely, just minimize them further.

Add your comments

Your comments:

Remember me

E-Mail me when someone replies to this comment

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.