| 000 | 07233cam a2200817 i 4500 | ||
|---|---|---|---|
| 001 | on1198019471 | ||
| 003 | OCoLC | ||
| 005 | 20240523125543.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 200929s2021 inua o 001 0 eng d | ||
| 040 |
_aYDX _beng _erda _epn _cYDX _dTEFOD _dEBLCP _dDG1 _dN$T _dYDXIT _dOCLCF _dOCLCO _dHRM _dGPM _dOCLCO _dNBJ _dOCLCO _dOCLCQ _dIEEEE _dOCLCQ _dUPM _dOCLCQ _dORMDA _dLANGC _dOCLCQ _dOCLCO _dOCLCL |
||
| 020 |
_a9781119672357 _q(electronic book _qoBook) |
||
| 020 |
_a111967235X _q(electronic book _qoBook) |
||
| 020 |
_a9781119672340 _q(electronic book) |
||
| 020 |
_a1119672341 _q(electronic book) |
||
| 020 |
_a9781119650805 _q(electronic book) |
||
| 020 |
_a1119650801 _q(electronic book) |
||
| 020 | _z1119650798 | ||
| 020 | _z9781119650799 | ||
| 024 | 7 |
_a10.1002/9781119672357 _2doi |
|
| 029 | 1 |
_aAU@ _b000068068981 |
|
| 035 | _a(OCoLC)1198019471 | ||
| 037 |
_aF94E0825-B214-4259-8F76-4A4E6FB0546C _bOverDrive, Inc. _nhttp://www.overdrive.com |
||
| 037 |
_a9820872 _bIEEE |
||
| 037 |
_a9781119650799 _bO'Reilly Media |
||
| 050 | 4 |
_aQA76.9.A25 _bG75 2021 |
|
| 082 | 0 | 4 |
_a005.8 _223 |
| 049 | _aMAIN | ||
| 100 | 1 |
_aGrimes, Roger A., _eauthor. |
|
| 245 | 1 | 0 |
_aHacking multifactor authentication / _cRoger A. Grimes. |
| 264 | 1 |
_aIndianapolis, IN : _bJohn Wiley & Sons, Inc., _c[2021] |
|
| 300 |
_a1 online resource (xxxi, 542 pages) : _billustrations |
||
| 336 |
_atext _btxt _2rdacontent |
||
| 337 |
_acomputer _bc _2rdamedia |
||
| 338 |
_aonline resource _bcr _2rdacarrier |
||
| 520 | _a"Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That's right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You'll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book." | ||
| 505 | 0 | _aIntroduction -- Who This Book Is For -- What Is Covered in This Book? -- MFA Is Good -- How to Contact Wiley or the Author -- Part I Introduction -- Chapter 1 Logon Problems -- It's Bad Out There -- The Problem with Passwords -- Password Basics -- Identity -- The Password -- Password Registration -- Password Complexity -- Password Storage -- Password Authentication -- Password Policies -- Passwords Will Be with Us for a While -- Password Problems and Attacks -- Password Guessing | |
| 505 | 8 | _aPassword Hash Cracking -- Password Stealing -- Passwords in Plain View -- Just Ask for It -- Password Hacking Defenses -- MFA Riding to the Rescue? -- Summary -- Chapter 2 Authentication Basics -- Authentication Life Cycle -- Identity -- Authentication -- Authorization -- Accounting/Auditing -- Standards -- Laws of Identity -- Authentication Problems in the Real World -- Summary -- Chapter 3 Types of Authentication -- Personal Recognition -- Knowledge-Based Authentication -- Passwords -- PINS -- Solving Puzzles -- Password Managers -- Single Sign-Ons and Proxies -- Cryptography -- Encryption | |
| 505 | 8 | _aPublic Key Infrastructure -- Hashing -- Hardware Tokens -- One-Time Password Devices -- Physical Connection Devices -- Wireless -- Phone-Based -- Voice Authentication -- Phone Apps -- SMS -- Biometrics -- FIDO -- Federated Identities and APIs -- OAuth -- APIs -- Contextual/Adaptive -- Less Popular Methods -- Voiceover Radio -- Paper-Based -- Summary -- Chapter 4 Usability vs. Security -- What Does Usability Mean? -- We Don't Really Want the Best Security -- Security Isn't Usually Binary -- Too Secure -- Seven-Factor MFA -- Moving ATM Keypad Numbers -- Not as Worried as You Think About Hacking | |
| 505 | 8 | _aUnhackable Fallacy -- Unbreakable Oracle -- DJB -- Unhackable Quantum Cryptography -- We Are Reactive Sheep -- Security Theater -- Security by Obscurity -- MFA Will Cause Slowdowns -- MFA Will Cause Downtime -- No MFA Solution Works Everywhere -- Summary -- Part II Hacking MFA -- Chapter 5 Hacking MFA in General -- MFA Dependency Components -- Enrollment -- User -- Devices/Hardware -- Software -- API -- Authentication Factors -- Authentication Secrets Store -- Cryptography -- Technology -- Transmission/Network Channel -- Namespace -- Supporting Infrastructure -- Relying Party | |
| 505 | 8 | _aFederation/Proxies -- Alternate Authentication Methods/Recovery -- Migrations -- Deprovision -- MFA Component Conclusion -- Main Hacking Methods -- Technical Attacks -- Human Element -- Physical -- Two or More Hacking Methods Used -- "You Didn't Hack the MFA!" -- How MFA Vulnerabilities Are Found -- Threat Modeling -- Code Review -- Fuzz Testing -- Penetration Testing -- Vulnerability Scanning -- Human Testing -- Accidents -- Summary -- Chapter 6 Access Control Token Tricks -- Access Token Basics -- Access Control Token General Hacks -- Token Reproduction/Guessing -- Token Theft | |
| 500 | _aIncludes index. | ||
| 588 | 0 | _aOnline resource; title from digital title page (viewed on December 07, 2020). | |
| 590 |
_aJohn Wiley and Sons _bWiley Online Library: Complete oBooks |
||
| 650 | 0 | _aHacking. | |
| 650 | 0 | _aHackers. | |
| 650 | 0 | _aCryptography. | |
| 650 | 0 |
_aComputers _xAccess control _xTesting. |
|
| 650 | 0 |
_aComputer networks _xSecurity measures. |
|
| 650 | 0 | _aComputer security. | |
| 650 | 2 | _aComputer Security | |
| 650 | 6 | _aPiratage informatique. | |
| 650 | 6 | _aPirates informatiques. | |
| 650 | 6 | _aCryptographie. | |
| 650 | 6 |
_aR�eseaux d'ordinateurs _xS�ecurit�e _xMesures. |
|
| 650 | 6 | _aS�ecurit�e informatique. | |
| 650 | 7 |
_aComputer networks _xSecurity measures _2fast |
|
| 650 | 7 |
_aComputer security _2fast |
|
| 650 | 7 |
_aComputers _xAccess control _xTesting _2fast |
|
| 650 | 7 |
_aCryptography _2fast |
|
| 650 | 7 |
_aHackers _2fast |
|
| 650 | 7 |
_aHacking _2fast |
|
| 758 |
_ihas work: _aHacking multifactor authentication (Text) _1https://id.oclc.org/worldcat/entity/E39PCGK6F3vQC634kpxJYHcF8C _4https://id.oclc.org/worldcat/ontology/hasWork |
||
| 776 | 0 | 8 |
_iPrint version: _aGrimes, Roger A. _tHacking multifactor authentication. _dIndianapolis, IN : John Wiley & Sons, Inc., [2021] _z9781119650799 _w(OCoLC)1119761240 |
| 856 | 4 | 0 | _uhttps://onlinelibrary.wiley.com/doi/book/10.1002/9781119672357 |
| 938 |
_aProQuest Ebook Central _bEBLB _nEBL6357201 |
||
| 938 |
_aEBSCOhost _bEBSC _n2634886 |
||
| 938 |
_aYBP Library Services _bYANK _n16981285 |
||
| 994 |
_a92 _bINLUM |
||
| 999 |
_c12740 _d12740 |
||