Hacking multifactor authentication /

"Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than oth...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Grimes, Roger A. (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Indianapolis, IN : John Wiley & Sons, Inc., [2021]
Temas:
Hacking.
Hackers.
Cryptography.
Computers > Access control > Testing.
Computer networks > Security measures.
Computer security.
Computer Security
Piratage informatique.
Pirates informatiques.
Cryptographie.
Réseaux d'ordinateurs > Sécurité > Mesures.
Sécurité informatique.
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Introduction
  • Who This Book Is For
  • What Is Covered in This Book?
  • MFA Is Good
  • How to Contact Wiley or the Author
  • Part I Introduction
  • Chapter 1 Logon Problems
  • It's Bad Out There
  • The Problem with Passwords
  • Password Basics
  • Identity
  • The Password
  • Password Registration
  • Password Complexity
  • Password Storage
  • Password Authentication
  • Password Policies
  • Passwords Will Be with Us for a While
  • Password Problems and Attacks
  • Password Guessing
  • Password Hash Cracking
  • Password Stealing
  • Passwords in Plain View
  • Just Ask for It
  • Password Hacking Defenses
  • MFA Riding to the Rescue?
  • Summary
  • Chapter 2 Authentication Basics
  • Authentication Life Cycle
  • Identity
  • Authentication
  • Authorization
  • Accounting/Auditing
  • Standards
  • Laws of Identity
  • Authentication Problems in the Real World
  • Summary
  • Chapter 3 Types of Authentication
  • Personal Recognition
  • Knowledge-Based Authentication
  • Passwords
  • PINS
  • Solving Puzzles
  • Password Managers
  • Single Sign-Ons and Proxies
  • Cryptography
  • Encryption
  • Public Key Infrastructure
  • Hashing
  • Hardware Tokens
  • One-Time Password Devices
  • Physical Connection Devices
  • Wireless
  • Phone-Based
  • Voice Authentication
  • Phone Apps
  • SMS
  • Biometrics
  • FIDO
  • Federated Identities and APIs
  • OAuth
  • APIs
  • Contextual/Adaptive
  • Less Popular Methods
  • Voiceover Radio
  • Paper-Based
  • Summary
  • Chapter 4 Usability vs. Security
  • What Does Usability Mean?
  • We Don't Really Want the Best Security
  • Security Isn't Usually Binary
  • Too Secure
  • Seven-Factor MFA
  • Moving ATM Keypad Numbers
  • Not as Worried as You Think About Hacking
  • Unhackable Fallacy
  • Unbreakable Oracle
  • DJB
  • Unhackable Quantum Cryptography
  • We Are Reactive Sheep
  • Security Theater
  • Security by Obscurity
  • MFA Will Cause Slowdowns
  • MFA Will Cause Downtime
  • No MFA Solution Works Everywhere
  • Summary
  • Part II Hacking MFA
  • Chapter 5 Hacking MFA in General
  • MFA Dependency Components
  • Enrollment
  • User
  • Devices/Hardware
  • Software
  • API
  • Authentication Factors
  • Authentication Secrets Store
  • Cryptography
  • Technology
  • Transmission/Network Channel
  • Namespace
  • Supporting Infrastructure
  • Relying Party
  • Federation/Proxies
  • Alternate Authentication Methods/Recovery
  • Migrations
  • Deprovision
  • MFA Component Conclusion
  • Main Hacking Methods
  • Technical Attacks
  • Human Element
  • Physical
  • Two or More Hacking Methods Used
  • "You Didn't Hack the MFA!"
  • How MFA Vulnerabilities Are Found
  • Threat Modeling
  • Code Review
  • Fuzz Testing
  • Penetration Testing
  • Vulnerability Scanning
  • Human Testing
  • Accidents
  • Summary
  • Chapter 6 Access Control Token Tricks
  • Access Token Basics
  • Access Control Token General Hacks
  • Token Reproduction/Guessing
  • Token Theft

Ejemplares similares