MFA with Unknown Configuration — Yet Again
“New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login” https://www.theregister.com/2023/11/21/thirdparty_data_breach_at_canadian/
It reads “Enabling MFA across all accounts that are used for online transactions is also advised, as is the manual monitoring of personal accounts for any potential malicious activity.”
There is no mention of how the MFA is configured yet again — in a security-enhancing multi-layer formation or in a security-destructive multi-entrance formation? Usually the former does not involve biometrics while the latter always involves biometrics.
Curious to know what is behind our observation? — Here is my latest post on the issue of MFA: “Own Goal Attacks — Security People Making Dangerous World Yet More Dangerous” (16Nov2023) https://www.linkedin.com/posts/hitoshikokumai_ncsc-uk-must-work-harder-to-secure-critical-activity-7130759079337082880-C51B
We will certainly come to rescue them if they feel the need to be rescued. We can do it better now than before; We are supported by the most advance quantum resistant cryptography from QRC, Switzerland.
