Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users - podcast episode cover

Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users

Security, Spoken
Mar 02, 20189 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

There's no better way to protect yourself from the universal scourge of phishing attacks than with a hardware token like a Yubikey, which stymies attackers even if you accidentally hand them your username and password. But while Yubikey manufacturer Yubico describes its product as "unphishable," a pair of researchers has proven the company wrong, with a technique that allows clever phishers to sidestep even Yubico's last bastion of login protection.

Learn about your ad choices: dovetail.prx.org/ad-choices
For the best experience, listen in Metacast app for iOS or Android