{"id":8682,"date":"2014-04-10T15:44:00","date_gmt":"2014-04-10T19:44:00","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=8682"},"modified":"2021-07-03T14:19:20","modified_gmt":"2021-07-03T18:19:20","slug":"when-two-factor-authentication-is-not-enough","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2014\/04\/10\/when-two-factor-authentication-is-not-enough\/","title":{"rendered":"When Two-Factor Authentication Is Not Enough"},"content":{"rendered":"<p><a href=\"http:\/\/blog.fastmail.fm\/2014\/04\/10\/when-two-factor-authentication-is-not-enough\/\">Bron Gondwana<\/a>:<\/p>\n<blockquote cite=\"http:\/\/blog.fastmail.fm\/2014\/04\/10\/when-two-factor-authentication-is-not-enough\/\"><p>This is why this email was such a surprise. Like the poor quality mailing lists mentioned above, it didn&rsquo;t require a confirmed opt-in. We had to reply to say that we didn&rsquo;t want the contact email address changed.<\/p>\n<p>This means that a forged source address was sufficient. Even though the attacker couldn&rsquo;t read email to hostmaster@fastmail.fm, they didn&rsquo;t need to. All they needed was for us to <em>not<\/em> read it.<\/p>\n<p>To Gandi&rsquo;s credit, they responded very quickly to our &ldquo;NO, DON&rsquo;T CHANGE IT&rdquo; email, and locked our account to stop any further shenanigans while they investigated and collected more documents from us.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Bron Gondwana: This is why this email was such a surprise. Like the poor quality mailing lists mentioned above, it didn&rsquo;t require a confirmed opt-in. We had to reply to say that we didn&rsquo;t want the contact email address changed. This means that a forged source address was sufficient. Even though the attacker couldn&rsquo;t read [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2021-07-03T18:19:23Z","apple_news_api_id":"71171b32-15fc-4012-8095-8677e19d8c7d","apple_news_api_modified_at":"2021-07-03T18:19:23Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/AcRcbMhX8QBKAlYZ34Z2MfQ","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[728,596,48,2090],"class_list":["post-8682","post","type-post","status-publish","format-standard","hentry","category-technology","tag-domain-name-system-dns","tag-fastmail","tag-security","tag-two-factor-authentication-2fa"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=8682"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8682\/revisions"}],"predecessor-version":[{"id":33014,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8682\/revisions\/33014"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=8682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=8682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=8682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}