

There’s wide consensus among security experts that physical two-factor authentication keys provide the most effective protection against account takeovers. Research published today doesn’t change that thinking, but it does show how malicious attackers with physical possession of a Google Titan key can clone it.

There are some steep hurdles to clear for an attack to be successful. A hacker would first have to steal a target’s account password and also gain covert possession of the physical key for as many as 10 hours. The cloning also requires up to $12,000 worth of equipment and custom software, plus an advanced background in electrical engineering and cryptography.
