
Microsoft fixes Authenticator design flaw after eight years overwriting accounts

Better late than never

Australian security advisor Brett Randall posted about the security gap over the course of a number of months and said he saw more than 100,000 views on those LinkedIn posts.

“This now brings Microsoft Authenticator back on par with other phone-based TOTP authenticators. It no longer permits the unintended overwriting of TOTP keys when certain circumstances, including reused email addresses, are present, which was effectively locking customers out of unrelated methods with little warning,” Randall wrote on LinkedIn. “Thanks, Microsoft, for fixing the difficulty, even if it was far tougher than it needed to be to get an acknowledgement that the difficulty existed.”

Tim Erlin, API security chief at Wallarm, was one of many users last month who confirmed the Microsoft Authenticator issue. “Though it looks as if it wasn’t straightforward to get addressed, it’s nice to see that Microsoft has fixed this issue with their Authenticator app. There’s little question that it’s going to forestall future complications for their customers,” Erlin said.
