View Single Post
Old 6 Jan 2019, 08:06 AM   #22
gardenweed
Cornerstone of the Community
 
Join Date: Jun 2008
Location: Perth
Posts: 664
Quote:
Originally Posted by BritTim View Post
...However, a targeted attack against you personally may well include taking over your phone number, and using that to gain access to online accounts "protected" by SMS based one time codes or password reset procedures.
Presumably that would mean that for that MitM attack to succeed (when they take over my phone number), they are relying on me using the TOTP or SMS method of logging into my account, which they will then intercept - is that right?

But if I only use my FIDO U2F key, then this targeted attack will fail?
gardenweed is offline   Reply With Quote