Boosts - Google Authenticator still syncs two-factor authentication secrets without E2EE.... - Mbin

mysk , 4 months ago

Google Authenticator still syncs two-factor authentication secrets without E2EE. If you enable cloud syncing, this means:

1️⃣ Google can read the secrets and generate one-time passwords for your accounts
2️⃣ Google knows the services you use
3️⃣ #Google knows your usernames
4️⃣ Given a court order, Google is obliged to hand over this data to law enforcement

#Privacy #privacymatters #CyberSecurity #infosec
https://defcon.social/@mysk/110262313275622023

Reply

Report

Activity

Open original URL

Copy original URL

Copy Mbin URL

Loading...

+ Xenograg, pluralistic

pluralistic 4 months ago
Xenograg 4 months ago

/m/random

Microblog (163726)

Thread

mysk

@mysk@mastodon.social

Added: 4 months ago
Boosts: 2

Magazine

random

@random@mbin.grits.dev

Created: 6 months ago
Subscribers: 1

Threads 159
Comments 185
Posts 163726
Replies 330316
Moderators 0
Moderation log 1

Moderators

mozz

Active people

mbin.grits.dev

Powered by Mbin
●
1.4.1
●
Report issue