all InfoSec news
Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication. (arXiv:2306.09708v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Multi-Factor Authentication is intended to strengthen the security of
password-based authentication by adding another factor, such as hardware tokens
or one-time passwords using mobile apps. However, this increased authentication
security comes with potential drawbacks that can lead to account and asset
loss. If users lose access to their additional authentication factors for any
reason, they will be locked out of their accounts. Consequently, services that
provide Multi-Factor Authentication should deploy procedures to allow their
users to recover from losing access …
access account apps asset authentication authentication security factor hardware hardware tokens investigation loss lost mobile mobile apps multi-factor multi-factor authentication password passwords recovery security tokens