It’s one of the oldest and most obvious techniques for trying to steal someone’s password, running a software that churns through password options. This can be used in conjunction with information known about the user from OSINT – Open Source Intelligence.
The best way to mitigate this kind of threat is to use two-factor authentication (2FA), a secondary layer of access detail form a separate source, normally your mobile phone.
Any decent exchange will either enforce or strongly encourage the use of 2FA, but it is important to avoid using text for 2FA, as the next subject explains.
The two most common 2FA providers are Google Authenticator or Authy.
Leave a Reply