Free Download     |     Resource Center    |     Customer Login
1.877.No.Token (1.877.668.6536)
Live Chat
PhoneFactor Blog

Implications of the Twitter attack using the SSL gap

Posted  November 17, 2009 By Steve Dispensa

When we released the SSL authentication gap details a couple of weeks ago, I was convinced that this was a serious issue that needed immediate attention. Although most everyone agreed, there were a few commentators out there that weren’t as concerned about the problem as I was. Well, fast-forward a few days, and the situation [...]

No Comments »


PhoneFactor Team Discovers Vulnerability in SSL Authentication

Posted  November 6, 2009 By Sarah Fender

Earlier this week, PhoneFactor released the details of a serious vulnerability in SSL/TLS authentication, which was discovered by PhoneFactor team members Marsh Ray and Steve Dispensa in August 2009. The SSL authentication gap allows for a standard man-in-the-middle attack in which an attacker is able to inject malicious data and commands into the authenticated SSL [...]

No Comments »


   Terms  |  Sitemap  |  Support  |  Contact               

PhoneFactor, Inc provides secure two-factor authentication services to leading companies worldwide. PhoneFactor's multifactor out-of-band authentication software is a cost effective, user friendly alternative to security tokens, fobs, certificates, and other 2 factor authentication methods.
Secure User Authentication: SSL VPN Authentication | Citrix Authentication | Web Authentication | Terminal Services Authentication | Tivoli Authentication | Online Banking Authentication
Two-Factor Authentication for Regulatory Compliance: Payment Card Industry Data Security Standards (PCI DSS) Compliance | FFIEC Compliance | HIPAA Compliance | NIST 800-63
Compare Phone Authentication to: Security Tokens | SMS Authentication | Biometric Authentication | Soft Tokens | Smart Cards | Certificates