Article posted: Feb 27, 2018
By Anders Adolfsson, Technical Consultant
We've written about the dangers of One-Time Passwords (OTP) for use in two-factor authentication and applauded the National Institute of Standards and Technology's (NIST) stance on eliminating SMS-based OTPs. It seems we're not alone. FireEye recently blogged about the dangers of OTPs in phishing campaigns and how hackers are using real-time phishing in attacks on corporate websites.