Multi-factor authentication bypass techniques you need to know about.

  • Wednesday, 06 May 2020 8:00PM PST (07 May 2020 03:00 UTC)
  • Speaker: Bryce Galbraith

The increasing use of multi-factor authentication (MFA) to secure accounts is a welcome improvement over static username/password combinations, and it's long overdue. Unfortunately, there are several multi-factor authentication bypass techniques that can put virtually every organization's data at risk, both on premises and in the cloud. It is imperative that those responsible for securing sensitive data understand the impact of these attacks so they can build robust, defensible architectures that protect against these advanced adversary Tactics, Techniques, and Procedures (TTPs).

This talk will explore powerful techniques that can bypass most modern strong authentication methods:

  • Windows Active Directory authentication bypass
  • Web authentication bypass (e.g., Microsoft 365, AWS, VMware, Google, Slack, Dropbox, etc.)
  • Biometric bypass (e.g., Windows Hello)
  • Smart card bypass (e.g., US DoD's CAC)
  • Hardware token bypass (e.g., YubiKey)
  • Phishing through MFA (HTTPS/HSTS won't prevent this)
  • And how "Bring Your Own Device" (BYOD) can quickly become "Bring Your Own Disaster".