Skip to content
The Nexus
DossierENTITY

Two-Factor Authentication

Coverage of Two-Factor Authentication in the Nexus archive.

Earliest in view: Apr 16 · 15:23 UTCMost recent: Jun 14 · 13:00 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 14 · 13:00 UTCTHE GUARDIAN TECH
    Readers reply: Experts say we should use passkeys, but can a smartphone pin really be safer than a password?

    Readers debate whether passkeys like smartphone PINs or facial recognition are safer than traditional passwords and two-factor authentication. Concerns include risks if a phone is stolen or lost, despite passkeys being unphishable and less hackable when not stored on company servers.

  • SECURITYJun 8 · 09:34 UTCWTOP DC
    Data Doctors: How to spot scam invitations

    The article warns about scam invitations during events like weddings, which mimic platforms like Evite and Paperless Post to steal login credentials. The FTC advises checking sender emails, links, and avoiding entering credentials on such invitations. Victims should change passwords and enable two-factor authentication if compromised.

  • SECURITYJun 3 · 19:53 UTCARS TECHNICA
    Dashlane issues opaque advisory warning 20 encrypted vaults were stolen

    Dashlane issued a security advisory warning that attackers stole 20 encrypted user vaults by launching a brute force attack against two-factor authentication (2FA) protections to register new devices on existing accounts. The advisory states the attack began on May 31, 2026, and a user provided a screenshot of a 2FA request notification received on Sunday.

  • SECURITYJun 2 · 03:55 UTCTHE HACKER NEWS
    Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

    Password manager Dashlane disclosed that fewer than 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack. An external threat actor launched the attack on May 31, 2026, targeting accounts to break two-factor authentication (2FA).

  • SECURITYJun 1 · 11:15 UTCTHE REGISTER
    Password manager Dashlane suspends customer accounts amid brute-force attacks

    Password manager Dashlane suspended customer accounts following brute-force attacks, which began on Sunday and led to unauthorized login attempts from Korea and Russia. The company restored accounts after investigating the incident but later changed the status to 'monitoring.' Dashlane confirmed no internal systems were compromised, though users criticized the lack of public communication and faced issues with two-factor authentication.

  • SECURITYMay 30 · 19:25 UTCFOX NEWS
    Your senior parents are easier to impersonate than you are

    Americans 60 and older filed 201,266 complaints with the FBI's Internet Crime Complaint Center in 2025, reporting $7.7 billion in losses, the highest of any age group. Scammers exploit outdated verification methods like date of birth and Social Security numbers, while AI voice cloning enables fraudulent phone calls. The article recommends steps like credit freezes and two-factor authentication to protect seniors.

  • SECURITYMay 27 · 12:45 UTCFOX NEWS
    Are bank text codes enough to protect you?

    Text or email codes for bank security are better than passwords alone but are not the strongest options due to risks like SIM swap scams. Experts recommend using authenticator apps for stronger two-factor authentication (2FA) to protect accounts from scammers intercepting codes.

  • SECURITYMay 23 · 16:35 UTCTHE HACKER NEWS
    npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

    GitHub has introduced staged publishing on npm, requiring maintainers to approve package releases via two-factor authentication (2FA) to enhance software supply chain security. This feature aims to prevent unauthorized or malicious package distributions by mandating human verification before public installation.

  • SECURITYMay 11 · 19:49 UTCDECRYPT
    Hackers Used AI to Build a Zero-Day Exploit That Bypasses Two-Factor Authentication: Google

    Hackers used an AI model to discover and exploit a previously unknown software flaw, bypassing two-factor authentication, as confirmed by Google's threat team. This zero-day exploit was used by cybercriminals. The incident highlights the growing concern of AI-powered attacks.

  • SECURITYApr 17 · 19:05 UTCDARK READING
    Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

    Attackers are exploiting device code phishing by leveraging a service's legitimate new-device login flow to trick victims into granting account access. This method bypasses traditional two-factor authentication (2FA) by mimicking authorized login processes.

  • SECURITYApr 16 · 15:28 UTCDARK READING
    Two-Factor Authentication Breaks Free from the Desktop

    The article discusses how threat actors bypass security systems in non-traditional IT environments, emphasizing the need for two-factor authentication (2FA) as an added security layer in physical settings. It highlights 2FA's potential to counteract vulnerabilities outside standard digital defenses.

  • SECURITYApr 16 · 15:23 UTCFOX NEWS
    New FBI warning reveals phishing attacks hitting private chats

    The FBI and CISA warn that Russian intelligence-linked actors are conducting large-scale phishing campaigns targeting encrypted messaging apps like WhatsApp, Signal, and Telegram. Attackers exploit human error rather than breaking encryption, compromising accounts by tricking users into revealing login credentials, enabling impersonation and data breaches.

Two-Factor Authentication · Dossier · The Nexus