Root Causes Episode 109: Examining MFA Through Phone-based SMS
Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
About this talk
SMS-based one time password (OTP) is a very commonly used form of multi-factor authentication (MFA). That's because it's fast and inexpensive to roll out to users. Unfortunately it is deeply vulnerable to a set of well-defined attacks. In this episode our hosts explain why SMS MFA became so popular and how this outdated MFA scheme fails to provide the security expected by those who use it.