Session Abstract: Everyone knows that multifactor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't! I can send you a regular phishing email and completely take control of your account even if you use a super-duper MFA token. Learn the 12+ ways hackers can get around your favorite MFA solution. The presentation will include a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer, Kevin Mitnick, and real-life successful examples. It will end by telling you how to better defend your MFA solution.Summary: All MFA can be hacked, 95% so easily you should not be using it. Attend this session to see how your favorite MFA solution can be easily hacked. Learn what you can do to pick better, stronger MFA.Additional Information: I wrote a book on this subject (https://www.amazon.com/Hacking-Multifactor-Authentication-Roger-Grimes-ebook/dp/B08KG65Q3V). I probably write more on this subject than any other single person and I've helped drive CISA to recommend that everyone using phishing-resistant MFA. I am a keynote speaker every year at FIDO's Authenticate conference in Seattle, where I show MFA vendors how I can hack their solutions. I've evaluated and hacked over 160 different MFA solutions, including the ones that you love and use.