User Profile
Harald_Wallus
Copper Contributor
Joined Jun 16, 2022
User Widgets
Recent Discussions
Re: OTP
Paul151985 I'm not the specialist for hackers. But Microsoft has send the code via SMS. SMS can be hacked by intersection of the communication, e.g. using "false base station" or Hacking of the ‘Personal Account’ of the subscriber on the site or application of the cellular operator and forwarding all messages to the attacker`s address. One of this could be happend. If you receive the Microsoft code, the attacker send a second one, asking you to verify your login. I don't know how the hacker then can lead you to a fake site (maybe proxy, what ever?). Then the attacker has your password. You have used the signin-page of microsoft, and you see, your account is at risk. It looks that Microsoft cloud application security has detected a second login for your account, which looks strange, because it is from another location, or it is from a non registered device. This shows, we all have to move to passwordless authentication, because it is phishing resistant. Harald5.3KViews1like1CommentRe: OTP
Paul151985 I assume, your accountis at risk. the second screenshot is very strange. Looks like a pishing attack. You should inform your security master of desaster and ask, what is happened. Azure currently is moving forward, fast, with authentication, OTP is legacy. passwordless will the next level. You can use passwordless with WHfB, with FIDO, with SmartCard, and with MS Authenticator App password-less signin. All three must be configured by your admin team.5.1KViews0likes3Comments
Recent Blog Articles
No content to show