Hacking multifactor authentication / (Record no. 12740)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 07233cam a2200817 i 4500 |
| 001 - CONTROL NUMBER | |
| control field | on1198019471 |
| 003 - CONTROL NUMBER IDENTIFIER | |
| control field | OCoLC |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20240523125543.0 |
| 006 - FIXED-LENGTH DATA ELEMENTS--ADDITIONAL MATERIAL CHARACTERISTICS | |
| fixed length control field | m o d |
| 007 - PHYSICAL DESCRIPTION FIXED FIELD--GENERAL INFORMATION | |
| fixed length control field | cr cnu---unuuu |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 200929s2021 inua o 001 0 eng d |
| 040 ## - CATALOGING SOURCE | |
| Original cataloging agency | YDX |
| Language of cataloging | eng |
| Description conventions | rda |
| -- | pn |
| Transcribing agency | YDX |
| Modifying agency | TEFOD |
| -- | EBLCP |
| -- | DG1 |
| -- | N$T |
| -- | YDXIT |
| -- | OCLCF |
| -- | OCLCO |
| -- | HRM |
| -- | GPM |
| -- | OCLCO |
| -- | NBJ |
| -- | OCLCO |
| -- | OCLCQ |
| -- | IEEEE |
| -- | OCLCQ |
| -- | UPM |
| -- | OCLCQ |
| -- | ORMDA |
| -- | LANGC |
| -- | OCLCQ |
| -- | OCLCO |
| -- | OCLCL |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 9781119672357 |
| Qualifying information | (electronic book |
| -- | oBook) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 111967235X |
| Qualifying information | (electronic book |
| -- | oBook) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 9781119672340 |
| Qualifying information | (electronic book) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 1119672341 |
| Qualifying information | (electronic book) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 9781119650805 |
| Qualifying information | (electronic book) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 1119650801 |
| Qualifying information | (electronic book) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 1119650798 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| Canceled/invalid ISBN | 9781119650799 |
| 024 7# - OTHER STANDARD IDENTIFIER | |
| Standard number or code | 10.1002/9781119672357 |
| Source of number or code | doi |
| 029 1# - OTHER SYSTEM CONTROL NUMBER (OCLC) | |
| OCLC library identifier | AU@ |
| System control number | 000068068981 |
| 035 ## - SYSTEM CONTROL NUMBER | |
| System control number | (OCoLC)1198019471 |
| 037 ## - SOURCE OF ACQUISITION | |
| Stock number | F94E0825-B214-4259-8F76-4A4E6FB0546C |
| Source of stock number/acquisition | OverDrive, Inc. |
| Note | http://www.overdrive.com |
| 037 ## - SOURCE OF ACQUISITION | |
| Stock number | 9820872 |
| Source of stock number/acquisition | IEEE |
| 037 ## - SOURCE OF ACQUISITION | |
| Stock number | 9781119650799 |
| Source of stock number/acquisition | O'Reilly Media |
| 050 #4 - LIBRARY OF CONGRESS CALL NUMBER | |
| Classification number | QA76.9.A25 |
| Item number | G75 2021 |
| 082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER | |
| Classification number | 005.8 |
| Edition number | 23 |
| 049 ## - LOCAL HOLDINGS (OCLC) | |
| Holding library | MAIN |
| 100 1# - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Grimes, Roger A., |
| Relator term | author. |
| 245 10 - TITLE STATEMENT | |
| Title | Hacking multifactor authentication / |
| Statement of responsibility, etc. | Roger A. Grimes. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE | |
| Place of production, publication, distribution, manufacture | Indianapolis, IN : |
| Name of producer, publisher, distributor, manufacturer | John Wiley & Sons, Inc., |
| Date of production, publication, distribution, manufacture, or copyright notice | [2021] |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | 1 online resource (xxxi, 542 pages) : |
| Other physical details | illustrations |
| 336 ## - CONTENT TYPE | |
| Content type term | text |
| Content type code | txt |
| Source | rdacontent |
| 337 ## - MEDIA TYPE | |
| Media type term | computer |
| Media type code | c |
| Source | rdamedia |
| 338 ## - CARRIER TYPE | |
| Carrier type term | online resource |
| Carrier type code | cr |
| Source | rdacarrier |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc. | "Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That's right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You'll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book." |
| 505 0# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Introduction -- Who This Book Is For -- What Is Covered in This Book? -- MFA Is Good -- How to Contact Wiley or the Author -- Part I Introduction -- Chapter 1 Logon Problems -- It's Bad Out There -- The Problem with Passwords -- Password Basics -- Identity -- The Password -- Password Registration -- Password Complexity -- Password Storage -- Password Authentication -- Password Policies -- Passwords Will Be with Us for a While -- Password Problems and Attacks -- Password Guessing |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Password Hash Cracking -- Password Stealing -- Passwords in Plain View -- Just Ask for It -- Password Hacking Defenses -- MFA Riding to the Rescue? -- Summary -- Chapter 2 Authentication Basics -- Authentication Life Cycle -- Identity -- Authentication -- Authorization -- Accounting/Auditing -- Standards -- Laws of Identity -- Authentication Problems in the Real World -- Summary -- Chapter 3 Types of Authentication -- Personal Recognition -- Knowledge-Based Authentication -- Passwords -- PINS -- Solving Puzzles -- Password Managers -- Single Sign-Ons and Proxies -- Cryptography -- Encryption |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Public Key Infrastructure -- Hashing -- Hardware Tokens -- One-Time Password Devices -- Physical Connection Devices -- Wireless -- Phone-Based -- Voice Authentication -- Phone Apps -- SMS -- Biometrics -- FIDO -- Federated Identities and APIs -- OAuth -- APIs -- Contextual/Adaptive -- Less Popular Methods -- Voiceover Radio -- Paper-Based -- Summary -- Chapter 4 Usability vs. Security -- What Does Usability Mean? -- We Don't Really Want the Best Security -- Security Isn't Usually Binary -- Too Secure -- Seven-Factor MFA -- Moving ATM Keypad Numbers -- Not as Worried as You Think About Hacking |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Unhackable Fallacy -- Unbreakable Oracle -- DJB -- Unhackable Quantum Cryptography -- We Are Reactive Sheep -- Security Theater -- Security by Obscurity -- MFA Will Cause Slowdowns -- MFA Will Cause Downtime -- No MFA Solution Works Everywhere -- Summary -- Part II Hacking MFA -- Chapter 5 Hacking MFA in General -- MFA Dependency Components -- Enrollment -- User -- Devices/Hardware -- Software -- API -- Authentication Factors -- Authentication Secrets Store -- Cryptography -- Technology -- Transmission/Network Channel -- Namespace -- Supporting Infrastructure -- Relying Party |
| 505 8# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Federation/Proxies -- Alternate Authentication Methods/Recovery -- Migrations -- Deprovision -- MFA Component Conclusion -- Main Hacking Methods -- Technical Attacks -- Human Element -- Physical -- Two or More Hacking Methods Used -- "You Didn't Hack the MFA!" -- How MFA Vulnerabilities Are Found -- Threat Modeling -- Code Review -- Fuzz Testing -- Penetration Testing -- Vulnerability Scanning -- Human Testing -- Accidents -- Summary -- Chapter 6 Access Control Token Tricks -- Access Token Basics -- Access Control Token General Hacks -- Token Reproduction/Guessing -- Token Theft |
| 500 ## - GENERAL NOTE | |
| General note | Includes index. |
| 588 0# - SOURCE OF DESCRIPTION NOTE | |
| Source of description note | Online resource; title from digital title page (viewed on December 07, 2020). |
| 590 ## - LOCAL NOTE (RLIN) | |
| Local note | John Wiley and Sons |
| Provenance (VM) [OBSOLETE] | Wiley Online Library: Complete oBooks |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Hacking. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Hackers. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Cryptography. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computers |
| General subdivision | Access control |
| -- | Testing. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer networks |
| General subdivision | Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer security. |
| 650 #2 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer Security |
| 650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Piratage informatique. |
| 650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Pirates informatiques. |
| 650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Cryptographie. |
| 650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | R�eseaux d'ordinateurs |
| General subdivision | S�ecurit�e |
| -- | Mesures. |
| 650 #6 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | S�ecurit�e informatique. |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer networks |
| General subdivision | Security measures |
| Source of heading or term | fast |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computer security |
| Source of heading or term | fast |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Computers |
| General subdivision | Access control |
| -- | Testing |
| Source of heading or term | fast |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Cryptography |
| Source of heading or term | fast |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Hackers |
| Source of heading or term | fast |
| 650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name entry element | Hacking |
| Source of heading or term | fast |
| 758 ## - RESOURCE IDENTIFIER | |
| Relationship information | has work: |
| Label | Hacking multifactor authentication (Text) |
| Real World Object URI | https://id.oclc.org/worldcat/entity/E39PCGK6F3vQC634kpxJYHcF8C |
| Relationship | https://id.oclc.org/worldcat/ontology/hasWork |
| 776 08 - ADDITIONAL PHYSICAL FORM ENTRY | |
| Relationship information | Print version: |
| Main entry heading | Grimes, Roger A. |
| Title | Hacking multifactor authentication. |
| Place, publisher, and date of publication | Indianapolis, IN : John Wiley & Sons, Inc., [2021] |
| International Standard Book Number | 9781119650799 |
| Record control number | (OCoLC)1119761240 |
| 856 40 - ELECTRONIC LOCATION AND ACCESS | |
| Uniform Resource Identifier | <a href="https://onlinelibrary.wiley.com/doi/book/10.1002/9781119672357">https://onlinelibrary.wiley.com/doi/book/10.1002/9781119672357</a> |
| 938 ## - | |
| -- | ProQuest Ebook Central |
| -- | EBLB |
| -- | EBL6357201 |
| 938 ## - | |
| -- | EBSCOhost |
| -- | EBSC |
| -- | 2634886 |
| 938 ## - | |
| -- | YBP Library Services |
| -- | YANK |
| -- | 16981285 |
| 994 ## - | |
| -- | 92 |
| -- | INLUM |
No items available.