2:40 pm - 3:30 pm, Monday, September 25
The Many Ways to Hack MFA
Threats (Detection/Hunting/Intelligence/Mitigation/Monitoring)

Session Abstract: Everyone knows that multifactor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't! I can send you a regular phishing email and completely take control of your account even if you use a super-duper MFA token. Learn the 12+ ways hackers can get around your favorite MFA solution. The presentation will include a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer, Kevin Mitnick, and real-life successful examples. It will end by telling you how to better defend your MFA solution.Summary: All MFA can be hacked, 95% so easily you should not be using it. Attend this session to see how your favorite MFA solution can be easily hacked. Learn what you can do to pick better, stronger MFA.Additional Information: I wrote a book on this subject ( I probably write more on this subject than any other single person and I've helped drive CISA to recommend that everyone using phishing-resistant MFA. I am a keynote speaker every year at FIDO's Authenticate conference in Seattle, where I show MFA vendors how I can hack their solutions. I've evaluated and hacked over 160 different MFA solutions, including the ones that you love and use.

Get in touch
Get in touch
Customer Service
For any and all inquiries please click the button below
Speaking Opportunities

Tim Garon
Director, Event Content and Strategy

Stay Informed
Join our mailing list for the latest news on InfoSec World 2023.