Quote:
Originally Posted by BritTim
...However, a targeted attack against you personally may well include taking over your phone number, and using that to gain access to online accounts "protected" by SMS based one time codes or password reset procedures.
|
Presumably that would mean that for that MitM attack to succeed (when they take over my phone number), they are relying on me using the TOTP or SMS method of logging into my account, which they will then intercept - is that right?
But if I only use my FIDO U2F key, then this targeted attack will fail?