Beginner’s Guide to Bypassing Modern Authentication Methods to SSO

RSA Conference 2024 · Track Session

Organizations increasingly rely on robust authentication mechanisms to secure their digital assets. This talk by Dor at RSAC 2024 examines a critical, often overlooked vulnerability: the post-authentication session. Modern methods like **FIDO2** are widely advertised as security panaceas, especially against phishing and man-in-the-middle (MITM) attacks, and Dor challenges this perception. The core premise of the presentation is that even the most advanced authentication, once completed, can leave the subsequent user session exposed to hijacking, particularly in complex **Single Sign-On (SSO)** environments.
