all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Two-step verification question - this seems wrong

Add to bookmarks
Nov. 17, 2023, 6:31 p.m. | /u/daneyuleb

cybersecurity www.reddit.com

Company I work for has a two step verification for the public logins. After putting in user name/password, you're prompted to have the two-step verification to emailed with an obfuscated email shown on screen.

Clicking View Source, though, reveals the Un-obfuscated email in the clear. Giving potential phishers who've acquired user names and passwords a 3rd piece of info, useable for all kinds of social engineering or email account hacking.

This IS unnecessary and against MFA best practices.... right? Or …

clear clicking cybersecurity email logins name names obfuscated password public question screen two-step verification verification work wrong

Visit resource

More from www.reddit.com / cybersecurity

Millions of Docker repos found pushing malware,phishing sites an hour ago | www.reddit.com
cybersecurity
Federal Hiring Practices Revisited for Cyber Professionals? 4 hours ago | www.reddit.com
article cybersecurity experience hiring +5
GeekWire: Generative AI is a dual concern for cybersecurity industry — and will drive increased … 7 hours ago | www.reddit.com
cybersecurity cybersecurity industry demand drive +4
Forbes Council Post: The Danger Of Zombie Leaks 7 hours ago | www.reddit.com
council cybersecurity forbes leaks +1
Change Healthcare hacked using stolen Citrix account with no MFA 7 hours ago | www.reddit.com
account change change healthcare citrix +5
Microsoft's Cybersecurity For Beginners 7 hours ago | www.reddit.com
beginners cybersecurity microsoft
Real world methods APTs harvest our credentials 8 hours ago | www.reddit.com
apts credentials cybersecurity harvest +2
Millions of Malicious Containers Found on Docker Hub 9 hours ago | www.reddit.com
containers cybersecurity docker docker hub +3
Marriott admits it falsely claimed for five years it was using encryption during 2018 breach 9 hours ago | www.reddit.com
breach cybersecurity encryption marriott

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Emergency Management Invoice Compliance Reviewer

@ AC Disaster Consulting | Denver, Colorado, United States - Remote
View on infosec-jobs.com

Threat Intelligence Librarian

@ Microsoft | Cheltenham, Gloucestershire, United Kingdom
View on infosec-jobs.com

Cyber Content Operations Manager - Remote in UK

@ Immersive Labs | United Kingdom
View on infosec-jobs.com

(Junior) Security Engineer (m/w/d)

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Cyber Security

@ Necurity Solutions | Bengaluru, Karnataka, India
View on infosec-jobs.com
View more jobs