Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why One-time Passwords Suck For MITM Attacks

Posted by CmdrTaco on Monday August 18, 2008 @09:11AM from the my-password-is-pass1234 dept.

whitehartstag writes "Black Hat 08 disclosed several SSL VPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-In-The-Middle attack on SSL VPN tunnels. This article walks you through how using certificates, instead of OTP tokens, for second-factor authentication can increase the security of your SSL VPN against these new types of attacks."

2 of 138 comments (clear)

Min score:

Reason:

Sort:

mo3 d0wn by Anonymous Coward · 2008-08-18 15:09 · Score: -1, Offtopic

move any 3quipment similarly grisly
Re:xkcd comic by Anonymous Coward · 2008-08-18 16:41 · Score: -1, Offtopic

Well just in case he doesn't know...
Knowing is half the battle.
wow. You're a dick.