TH11 12 Ways to Hack MFA

August 6th, 2020

1:30pm - 2:45pm

Level: Intermediate

Roger Grimes

Data-Driven Defense Evangelist

KnowBe4, Inc.

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't! I can send you a regular phish email and completely take control of your account even if you use a super-dooper MFA token or smartphone app. Attend this presentation and learn the 12+ ways hackers can and do get around your favorite MFA solution. The presentation will include a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer, Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.

You will learn:

  • How MFA works
  • How MFA can be hacked
  • How to defend various MFA solutions against hacking