Damus
koehntopp ~ : · 4w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqwf44gvmu4g6x0gwwjgrnlw0f8dxmvx7h929k057wwv8hwa8clq6se2gu7x Brute force 2FA...? That does not sound like something that should be successfully p...
BrianKrebs profile picture
@nprofile1q... I had the same question. Seems to me, the only way brute-force is useful as an attack is if you can by default try a large number of possible combinations at once, but they're saying that rate limiting was what caused the affected accounts to get locked out the other day. Something isn't adding up.
1
koehntopp ~ : · 4w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqwf44gvmu4g6x0gwwjgrnlw0f8dxmvx7h929k057wwv8hwa8clq6se2gu7x Well, there's a recent surge of sites where the default after entering your email is you're being sent a code to that email - THAT is something that would not require knowing the passwo...